8c959e682b6ca67b9f195ece76650e79_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8c959e682b6ca67b9f195ece76650e79_JaffaCakes118
Size

183KB
MD5

8c959e682b6ca67b9f195ece76650e79
SHA1

7932480f5f4057930ecfd6daf93ae840ab6e9950
SHA256

459ec7234e7b4f4a49b190df9ea395700552a4911377df9b377e17ba3bf2afb1
SHA512

53942aa4b1a5fbe391c8acfb94ee3efab5738b93363da5d29ca02d506ca8beaa6fa0f562cc35b6b7cafea1efef06e99d9d185730da9c9d28960caaa750ce2271
SSDEEP

3072:2SEcNH9qfoUN6O6KAHCCnDYDUORC7XHFi+aQek3q7G2br2Q6:JIUUYasXli+aQZ6fm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c959e682b6ca67b9f195ece76650e79_JaffaCakes118

Files

8c959e682b6ca67b9f195ece76650e79_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee37390cff199dae34bcab33e3965d38

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetBkColor
DeleteDC
SetWindowExtEx
ScaleWindowExtEx
ExtTextOutW
GetMapMode
GetDeviceCaps
ScaleViewportExtEx
RectVisible
SetViewportOrgEx
TextOutW
OffsetViewportOrgEx
ExtSelectClipRgn
GetTextColor
Escape
GetStockObject
SelectObject
PtVisible
GetRgnBox

ole32

CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
CoGetClassObject
CoRetireServer
CoInitialize
OleInitialize
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
OleFlushClipboard
CoRevokeClassObject
CoCreateInstance
OleIsCurrentClipboard
CoRegisterMessageFilter
CLSIDFromProgID
StgCreateDocfileOnILockBytes
CoUninitialize
CLSIDFromString

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

GetNextDlgGroupItem
GetClassLongW
GetPropW
MessageBeep
SetRect
InvalidateRgn
RegisterWindowMessageW
InvalidateRect
GetClassInfoExW
WinHelpW
GetNextDlgTabItem
SetPropW
RemovePropW
CreateWindowExW
CharNextW
CharUpperW
IsRectEmpty
CopyAcceleratorTableW
SendDlgItemMessageA
DestroyMenu

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyW
RegDeleteKeyW
RegSetValueExW
RegCloseKey
RegQueryInfoKeyW
RegOpenKeyW
RegQueryValueW
RegEnumKeyExW
RegQueryValueExW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

shlwapi

PathFileExistsW
PathStripToRootW
PathFindExtensionW
PathRemoveFileSpecW
PathFindFileNameW
PathIsUNCW
PathAppendW

kernel32

GetCalendarInfoW
GetFileAttributesW
GetCurrentDirectoryW
MultiByteToWideChar
FindNextFileW
GetSystemDefaultLangID
EnumResourceLanguagesW
GetVersion
GetLocaleInfoW
SystemTimeToFileTime
lstrcpyW
DeleteFileW
WideCharToMultiByte
GetModuleFileNameW
EnumResourceNamesA
SetFilePointer
InterlockedDecrement
WriteFile
FindFirstFileW
ConvertDefaultLocale
ExitProcess
ReadFile
MoveFileW
RemoveDirectoryW
CreateFileW
LoadLibraryW
GetCurrentProcessId
LocalFileTimeToFileTime
FindClose
CreateDirectoryW
SetFileTime
GetProcAddress

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee37390cff199dae34bcab33e3965d38

Headers

File Characteristics

Imports

gdi32

ole32

oleacc

user32

advapi32

shell32

shlwapi

kernel32

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 74KB - Virtual size: 74KB

.edata Size: 1024B - Virtual size: 372KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 74KB - Virtual size: 74KB

.edata
Size: 1024B - Virtual size: 372KB