a57d1c60b7c06d5b085bcef97ec21205_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a57d1c60b7c06d5b085bcef97ec21205_JaffaCakes118
Size

281KB
MD5

a57d1c60b7c06d5b085bcef97ec21205
SHA1

dc47e4775b1c61e8e139eebfeac1774a8449a9c2
SHA256

cbf66ce58b75fa87c2e8554e0588c4c5282ab8b2590dc7c8cf3583fc40ab1afc
SHA512

dc5325906220c2b9c4fcc0bc700a82cb051a20862721b73da6c76f3e9d9f0c3d8d6578effb874608f2b60eb5d9689465c0f631107a9248ee60ead7d0e4a145c9
SSDEEP

6144:cK6G4TKuSg6gNwRfgF7DBwxyeQysZKBr2wpTinVTe7ToyadV/49:cKmK2NwfuDuANFCJwVTeXoyadVE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a57d1c60b7c06d5b085bcef97ec21205_JaffaCakes118

Files

a57d1c60b7c06d5b085bcef97ec21205_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a29909a44984ffbac05b1330bf06b788

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomW
GetTickCount
MoveFileW
GetUserDefaultLangID
SetCurrentDirectoryW
GetFileAttributesExW
FreeLibrary
CancelWaitableTimer
WaitForMultipleObjects
Sleep
DuplicateHandle
FindNextChangeNotification
GlobalFree
InterlockedIncrement
GetFileSize
DeleteFileW
GetDriveTypeW
SetLastError
GetLocalTime
WriteFile
ReadFile
CreateEventW
GetLogicalDrives
CreateFileW
LoadLibraryW
FindNextFileW
GetCurrentThread
FindFirstFileW
LockResource
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualProtect
FindResourceW
GetModuleFileNameW
ResetEvent
MultiByteToWideChar
WideCharToMultiByte
FreeResource
GetLastError
GetVersion
GetFileAttributesW
CloseHandle
GlobalUnlock
CreateProcessW
WritePrivateProfileStringW
GetProcAddress
VirtualFree
GetSystemTime
MulDiv
WaitForSingleObject
GetCurrentProcessId
SetEndOfFile
SizeofResource
lstrlenW
InterlockedDecrement
SetEvent

user32

GetSysColor
AppendMenuW
IsWindow
EndDialog
TrackPopupMenu
GetWindowDC
GetMessageW
LoadImageW
SetLayeredWindowAttributes
DispatchMessageW
FillRect
CreatePopupMenu
SystemParametersInfoW
DestroyIcon
TranslateMessage
SetCapture
PostMessageW
GetParent
CreateWindowExW
RedrawWindow
LoadIconW
GetWindowTextW
SetForegroundWindow
SetCursor
EnableWindow
OffsetRect
IsDlgButtonChecked
DrawTextW
DefWindowProcW
GetWindowThreadProcessId
SetWindowPos
PostQuitMessage
RegisterHotKey
RegisterWindowMessageW
LoadCursorW
RegisterClassExW
ReleaseCapture
SendMessageW
PostThreadMessageW
SendDlgItemMessageW
wsprintfW
VkKeyScanW

gdi32

SelectObject
DeleteObject
GetStockObject
CreateSolidBrush
Rectangle
CreatePen
GetClipBox
SetBkColor
SetDIBits
DPtoLP
CreateBitmap
CreateFontIndirectW
DeleteDC
GetDeviceCaps

advapi32

RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
LookupPrivilegeValueW
RegCloseKey
SetSecurityDescriptorDacl
StartServiceW
RegNotifyChangeKeyValue

shell32

Shell_NotifyIconW
SHChangeNotify

ole32

CoInitializeEx
CoUninitialize

oleaut32

SysFreeString
OleLoadPicture

Sections

.text
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a29909a44984ffbac05b1330bf06b788

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 248KB - Virtual size: 245KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 20KB

.text
Size: 248KB - Virtual size: 245KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 20KB