Static task: static1
Behavioral task: behavioral1
Sample: a0e44abd155fd1acbbe9c9eda6e0f2fd_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: a0e44abd155fd1acbbe9c9eda6e0f2fd_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
- Target: a0e44abd155fd1acbbe9c9eda6e0f2fd_JaffaCakes118
- Size: 5.3MB
- MD5: a0e44abd155fd1acbbe9c9eda6e0f2fd
- SHA1: 3de23a0d07f1d3954733c8fb09222d90e11111d3
- SHA256: 79e0a4531e1ace6874b5c2328663dc422116e26775cdf25fae3b8fae45cd0c39
- SHA512: c801b81fe7b5a1e66ab15f394951181228548c6fefe30f34a10d5fa5c97a88f63a0760788340ba79884920c11364a84b29e190a3fb5c66b355a35b4b9a04399f
- SSDEEP: 98304:qYESjvEqDrgwNJrldQ+kuk73yFhaXyV2sCCXPcYLVNPZyf9GA3k4QL/J+g:Pj8jwDRnkX8cYNA3ktLkg
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource a0e44abd155fd1acbbe9c9eda6e0f2fd_JaffaCakes118
Files
- a0e44abd155fd1acbbe9c9eda6e0f2fd_JaffaCakes118.exe windows:4 windows x86 arch:x86
  934543d446cf80015b5041258a567c79
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ord17
CreateToolbarEx
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
kernel32
GetLastError
GetUserDefaultLangID
SetLastError
LeaveCriticalSection
EnterCriticalSection
lstrlenW
CreateFileA
InitializeCriticalSection
WideCharToMultiByte
MultiByteToWideChar
lstrcpynA
LocalAlloc
SetEndOfFile
ReadFile
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
SetFilePointer
Sleep
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
TerminateProcess
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
TlsAlloc
GetCurrentThreadId
HeapReAlloc
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
ExitProcess
GetCommandLineA
GetStartupInfoA
InterlockedIncrement
InterlockedDecrement
ExitThread
TlsSetValue
CreateThread
ResumeThread
RtlUnwind
OpenProcess
ReadProcessMemory
CloseHandle
GetModuleHandleA
GetProcessHeap
HeapAlloc
lstrcpyA
lstrlenA
HeapFree
lstrcatA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GetTickCount
GetVersion
GetCurrentProcess
GetSystemTime
SystemTimeToFileTime
LoadLibraryA
GetProcAddress
FreeLibrary
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTimeFormatA
FormatMessageA
LocalFree
WriteFile
user32
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetFocus
DrawTextA
LoadCursorA
InvalidateRect
GetDlgItemTextA
EnableWindow
IsWindowEnabled
SetDlgItemTextA
GetSysColorBrush
ChildWindowFromPoint
GetSysColor
ClientToScreen
GetDlgItem
MoveWindow
GetWindowRect
GetParent
SetCursor
CallWindowProcA
GetClientRect
DrawIconEx
SetWindowLongA
SetWindowTextA
DestroyIcon
IsZoomed
DialogBoxIndirectParamA
InflateRect
ScreenToClient
CheckDlgButton
IsDlgButtonChecked
CheckRadioButton
RegisterWindowMessageA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
IsDialogMessageA
TranslateMessage
DispatchMessageA
CreateWindowExA
UpdateWindow
LoadIconA
RegisterClassA
SetCapture
DialogBoxParamA
ReleaseCapture
SetTimer
SetFocus
GetMenu
CheckMenuItem
GetCursorPos
LoadMenuA
GetSubMenu
TrackPopupMenu
DestroyMenu
EnableMenuItem
LoadStringA
GetDC
GetSystemMetrics
ReleaseDC
WinHelpA
SetWindowPos
PostMessageA
ShowWindow
InvalidateRgn
KillTimer
DefWindowProcA
SendMessageA
DestroyWindow
MessageBoxA
PostQuitMessage
EndDialog
IsIconic
gdi32
EndDoc
EndPage
ExtTextOutA
StartDocA
SetMapMode
GetDeviceCaps
GetTextExtentPoint32A
SetBkColor
SelectObject
SetTextColor
SetBkMode
CreateFontIndirectA
GetObjectA
GetStockObject
DeleteObject
CreateCompatibleDC
GetTextMetricsA
StartPage
CreateSolidBrush
comdlg32
GetSaveFileNameA
FindTextA
ChooseColorA
ChooseFontA
PrintDlgA
advapi32
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
LookupAccountSidW
RegOpenKeyA
RegSetValueExA
RegCreateKeyA
RegQueryValueExA
GetTokenInformation
LookupAccountSidA
AdjustTokenPrivileges
shell32
SHGetFileInfoA
Shell_NotifyIconA
ShellExecuteA
ole32
CoCreateInstance
CoInitialize
CoSetProxyBlanket
oleaut32
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
VariantChangeType
SafeArrayGetElement
VariantInit
VariantClear
SysAllocString
SysFreeString
SafeArrayGetLBound
Sections
.text Size: 76KB - Virtual size: 72KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 112KB - Virtual size: 134KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text0 Size: 5.1MB - Virtual size: 5.1MB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE