Static task: static1
Behavioral task: behavioral1
Sample: a30603d5a07ef486589c062d80f8f38c_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: a30603d5a07ef486589c062d80f8f38c_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: a30603d5a07ef486589c062d80f8f38c_JaffaCakes118
Size: 161KB
MD5: a30603d5a07ef486589c062d80f8f38c
SHA1: a19ff9e8d276079d13d1dc6bd02019fcbeada4ad
SHA256: a98924b6d367a8d09a31f7327c460a53a781dad663df5828528260a52d366d80
SHA512: eacb6f738fb9f31b1bf343ea711f620edc42b8fa09c375637796b5a35e3cb6067fe8d0c539a909f02134e641e036bd5e07cdab6caab8141c5b49a9754fac7845
SSDEEP: 3072:i1mfd8wgPPUZTN0nr+1UBXhP7fTKNOWOQSWZ2xWOQHB5H9kSsKOaQUt9+w+1Bxak:i1mfd8wgPPUZTN0nr+1UBXhP7fTKNOW4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a30603d5a07ef486589c062d80f8f38c_JaffaCakes118
Files
a30603d5a07ef486589c062d80f8f38c_JaffaCakes118.exe windows:1 windows x86 arch:x86
eb2a82a721e95e9abfb6d4f035fcdb60
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
gdi32
CreateFontIndirectW
CreateSolidBrush
DeleteObject
GetObjectW
GetStockObject
GetTextExtentPoint32W
SelectObject
SetBkColor
SetTextColor
TextOutW
CreateFontW
kernel32
CloseHandle
CreateFileW
CreateThread
DeleteFileW
ExitProcess
GetCommandLineW
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableW
GetExitCodeThread
GetLastError
GetLocalTime
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetStartupInfoW
GetStringTypeW
GetThreadPriority
GetVersionExW
GlobalAlloc
GlobalFree
LoadLibraryW
MultiByteToWideChar
OpenProcess
ReadFile
ResumeThread
SetErrorMode
SetFilePointer
SetLastError
SetThreadPriority
Sleep
SuspendThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WideCharToMultiByte
WriteFile
CreateMutexW
TerminateProcess
lstrcpyW
FindResourceW
SizeofResource
LoadResource
LockResource
FreeResource
lstrlenW
GetShortPathNameW
FreeLibrary
RtlMoveMemory
VirtualProtect
FlushInstructionCache
ole32
CLSIDFromProgID
CoCreateInstance
CoInitialize
CoTaskMemFree
CoUninitialize
ProgIDFromCLSID
CoTaskMemAlloc
oleaut32
GetActiveObject
SafeArrayCreate
SysAllocStringByteLen
SysFreeString
SysStringByteLen
VariantClear
VariantCopy
shell32
ShellExecuteW
Shell_NotifyIconW
SHFileOperationW
user32
CallWindowProcW
CharLowerBuffW
CharNextW
CharUpperBuffW
CreateMenu
CreatePopupMenu
CreateWindowExW
DefWindowProcW
DeleteMenu
DestroyIcon
DestroyWindow
DrawMenuBar
EnableWindow
EndDialog
FillRect
FindWindowW
GetClientRect
GetCursorPos
GetDC
GetDlgItem
GetMenuItemInfoW
GetSysColor
GetWindowLongW
GetWindowRect
GetWindowTextW
GetWindowTextLengthW
InsertMenuItemW
KillTimer
LoadCursorW
LoadIconW
LoadImageW
MessageBoxW
RegisterClassExW
ReleaseDC
SendDlgItemMessageW
SendMessageW
SetCursor
SetFocus
SetMenu
SetMenuItemInfoW
SetTimer
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
TrackPopupMenu
LoadStringW
RegisterClassW
GetWindowThreadProcessId
DialogBoxParamW
RegisterHotKey
GetSubMenu
LoadMenuW
FindWindowExW
AttachThreadInput
EnableMenuItem
WindowFromDC
SetRect
shlwapi
SHDeleteKeyW
ws2_32
closesocket
connect
gethostbyname
recv
send
setsockopt
socket
WSACleanup
WSAStartup
htons
Sections
.text Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.link Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 101KB - Virtual size: 101KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ