82722d3bdc0c59fba99ffd8faba721fd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

82722d3bdc0c59fba99ffd8faba721fd_JaffaCakes118
Size

171KB
MD5

82722d3bdc0c59fba99ffd8faba721fd
SHA1

4fffc90b674341a8d850625fc7719c86cf15e45f
SHA256

2f7e796325c096f4ad772230cf4023a54bc7b49a4dba43e2b9d940b1174afb46
SHA512

8315f25c81443ef1278f354a419402cd328a2006fa48a6a05689cb1268a38979ea7eeb45d37633434b98da88cde4325bdc6a2c652f5b98659a6da74bab275040
SSDEEP

3072:ywjAhR+1Rls6KrmvjhxiCO1tIjUA0qFZ+qN5vhFSocJ:vO+1Rq6yijSCUuF4zocJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82722d3bdc0c59fba99ffd8faba721fd_JaffaCakes118

Files

82722d3bdc0c59fba99ffd8faba721fd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2a3e07738d018ed7c74dd40e8a8d699

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowTextW
GetWindowLongW
ModifyMenuW
IsWindowEnabled
EnableMenuItem
ReleaseDC
GetParent
CheckMenuItem
GetDC
MessageBoxW
EnableWindow
GetMenuCheckMarkDimensions
LoadCursorW
GetSystemMetrics
GetSysColor
LoadBitmapW
GetLastActivePopup
GetSysColorBrush

ole32

CoUninitialize
CoCreateInstance
CoInitialize

shell32

SHGetSpecialFolderPathW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shlwapi

PathFindFileNameW
PathAppendW
PathFileExistsW
PathFindExtensionW

kernel32

RtlUnwind
TerminateProcess
SetUnhandledExceptionFilter
HeapSize
GetShortPathNameW
FreeEnvironmentStringsW
GetStdHandle
GetStringTypeA
IsBadReadPtr
GetSystemTimeAsFileTime
LCMapStringW
GetProcessAffinityMask
VirtualAlloc
GetStartupInfoA
HeapReAlloc
SetHandleCount
VirtualProtect
GetTickCount
GetEnvironmentStringsW
GetStringTypeW
GetCommandLineA
VirtualQuery
WriteFile
LCMapStringA
IsBadWritePtr
EnumResourceTypesW
GetModuleFileNameA
HeapAlloc
GetEnvironmentStrings
FlushFileBuffers
GetSystemInfo
SetStdHandle
GetFileAttributesA
IsBadCodePtr
HeapCreate
GetOEMCP
UnhandledExceptionFilter
GetCPInfo
VirtualFree
HeapDestroy
GetFileType
GetCurrentProcess
HeapFree
QueryPerformanceCounter
SetFilePointer
GetCurrentProcessId
ExitProcess

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

gdi32

OffsetViewportOrgEx
GetDeviceCaps
SetViewportExtEx
ScaleViewportExtEx
TextOutW
GetClipBox
SetMapMode
DeleteDC
PtVisible
SetWindowExtEx
SetBkColor
RectVisible
SetTextColor
Escape
SetViewportOrgEx
RestoreDC
ScaleWindowExtEx
CreateBitmap
SelectObject
ExtTextOutW
DeleteObject
SaveDC
GetStockObject

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2a3e07738d018ed7c74dd40e8a8d699

Headers

File Characteristics

Imports

user32

ole32

shell32

advapi32

shlwapi

kernel32

winspool.drv

gdi32

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 68KB - Virtual size: 68KB

.tls Size: 1024B - Virtual size: 252KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 68KB - Virtual size: 68KB

.tls
Size: 1024B - Virtual size: 252KB