8de6037c751aaecee1bc8c5dfddc5b8a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8de6037c751aaecee1bc8c5dfddc5b8a_JaffaCakes118
Size

178KB
MD5

8de6037c751aaecee1bc8c5dfddc5b8a
SHA1

93949390ddd46f1e99d48cb3cc3dbbe50c581bcc
SHA256

92a70bc5c03e42224d3fe228d229a634808d3f7060e2e7f431f5c0edbaa0df92
SHA512

a36f8bf9987f5cc494dbfd22e6b9cd3187fc5e4def42ec694d5c89db5b672468c0c296c648c22af33a34c2f163abe7af24b2cd75516aa5d686298fd5f11a35cf
SSDEEP

3072:utc3UdZFwxhZGIEjFPuxF5iAyD6VZHteIjW67W7q2JPmy6Hi7USzcKq9DU:uDvw7IFPemAyD6xn7W7qgPmC/zn2DU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8de6037c751aaecee1bc8c5dfddc5b8a_JaffaCakes118

Files

8de6037c751aaecee1bc8c5dfddc5b8a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4369095bd719ed53d9c64b380497cda

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

shlwapi

PathRemoveFileSpecW
PathStripToRootW
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathAppendW

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

SelectObject
RectVisible
SetViewportOrgEx
GetStockObject
Escape
GetMapMode
ScaleWindowExtEx
GetDeviceCaps
OffsetViewportOrgEx
ExtTextOutW
ScaleViewportExtEx
PtVisible
GetBkColor
TextOutW
GetTextColor
SetWindowExtEx
ExtSelectClipRgn
DeleteDC
GetRgnBox

user32

GetPropW
IsRectEmpty
GetClassInfoExW
InvalidateRect
MessageBeep
SetPropW
GetClassLongW
GetNextDlgGroupItem
SetRect
RemovePropW
SendDlgItemMessageA
InvalidateRgn
CharNextW
CopyAcceleratorTableW
CreateWindowExW
GetNextDlgTabItem
WinHelpW
RegisterWindowMessageW
CharUpperW
DestroyMenu

advapi32

RegOpenKeyW
RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW

kernel32

GetCalendarInfoW
InterlockedDecrement
WriteFile
GetLocaleInfoW
CreateFileW
SetFilePointer
MultiByteToWideChar
GetCurrentProcessId
GetThreadContext
LocalFileTimeToFileTime
FindClose
RemoveDirectoryW
lstrcpyW
FindNextFileW
SetFileTime
SystemTimeToFileTime
WideCharToMultiByte
GetVersion
CreateDirectoryW
EnumResourceNamesA
FindFirstFileW
GetModuleFileNameW
ReadFile
ExitProcess
GetFileAttributesW
GetCurrentDirectoryW
MoveFileW
LoadLibraryW
ConvertDefaultLocale
DeleteFileW
GetSystemDefaultLangID
EnumResourceLanguagesW
GetProcAddress

ole32

CoCreateInstance
StgOpenStorageOnILockBytes
CoRevokeClassObject
CoRegisterMessageFilter
CoUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries
CoTaskMemAlloc
OleUninitialize
CoTaskMemFree
OleIsCurrentClipboard
CLSIDFromProgID
CoGetClassObject
OleFlushClipboard
CoInitialize
OleInitialize
CLSIDFromString

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4369095bd719ed53d9c64b380497cda

Headers

File Characteristics

Imports

shell32

shlwapi

oleacc

gdi32

user32

advapi32

kernel32

ole32

Sections

.text Size: 98KB - Virtual size: 98KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 74KB - Virtual size: 74KB

.edata Size: 1024B - Virtual size: 244KB

.text
Size: 98KB - Virtual size: 98KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 74KB - Virtual size: 74KB

.edata
Size: 1024B - Virtual size: 244KB