a7f32cd6068b57f73482d20895274d72_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a7f32cd6068b57f73482d20895274d72_JaffaCakes118
Size

2.1MB
MD5

a7f32cd6068b57f73482d20895274d72
SHA1

cf9aadafcfc64f16d7d15e5aede883cdd02f325a
SHA256

1884f920fb19fe5977a44519829a10f9c5ef51332a01a0abb4ccea5396ac91e0
SHA512

cb727de9993ad6d47f2ed1534eacc961fb0ca3baeef3fef4e82a444795154e97e41e5819860b6f2710e60bd86ef783a42830d3adbfb38fe771bc3d343f15c084
SSDEEP

49152:PVJvLJy2ggsh96QegzlEp9Aco7wHDycjaNLeH3Wst9p5:PVJvNyxhh96QeVDAv7wfjaoF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7f32cd6068b57f73482d20895274d72_JaffaCakes118

Files

a7f32cd6068b57f73482d20895274d72_JaffaCakes118
.exe windows:4 windows x86 arch:x86

16dc29e889f25174419fb290c886bc80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

gdi32

CreateBrushIndirect
CreatePalette

comctl32

ImageList_DragShowNolock
ImageList_Add

shell32

SHGetDiskFreeSpaceA
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHGetFolderPathA

advapi32

RegCreateKeyA
RegEnumValueA
RegDeleteValueA

comdlg32

FindTextA

oleaut32

GetErrorInfo
SysAllocStringLen
SafeArrayGetUBound
OleLoadPicture
VariantCopyInd
VariantChangeType

user32

LoadKeyboardLayoutA
GetKeyState
EndPaint
GetClientRect
GetIconInfo
DestroyIcon
PeekMessageA
CharToOemA
GetKeyNameTextA
IsCharLowerA
MoveWindow
GetFocus
DrawEdge
EmptyClipboard
ChildWindowFromPoint
GetCapture
SendMessageW
EnumWindows
GetWindowTextA
GetWindowLongW
GetKeyboardLayoutList
LoadBitmapA
IsRectEmpty
DrawFrameControl
CharLowerA
MapVirtualKeyA
SetWindowsHookExA
InvalidateRect
GetScrollInfo
GetMenu
MessageBoxA
GetLastActivePopup
OffsetRect
CreateWindowExA
GetMenuState
DrawIconEx
GetWindowThreadProcessId
SetActiveWindow
BeginPaint
ClientToScreen
GetKeyboardLayoutNameA
GetWindowLongA
GetClassLongA
DestroyWindow
PostMessageA
SetScrollPos
CharNextW
CreateMenu
SetForegroundWindow
GetClassInfoA
GetDC
GetMenuItemID
DefWindowProcA
GetClassNameA
GetKeyboardState
InflateRect
SetMenu
SetScrollRange
GetDesktopWindow
SetFocus
DeleteMenu
IsChild
IsWindowVisible
TranslateMDISysAccel
SetWindowLongA
wsprintfA
ScreenToClient
LoadStringA
IsZoomed
WaitMessage
PeekMessageW
GetWindowRect
GetSysColorBrush
EnableMenuItem
GetClipboardData
CheckMenuItem
EnableScrollBar
DestroyMenu
CallWindowProcA
CharLowerBuffA
UnhookWindowsHookEx
PostQuitMessage
GetMenuStringA
ShowOwnedPopups
MessageBeep
GetWindowTextLengthA
GetWindowPlacement
SetMenuItemInfoA
OpenClipboard
GetDlgItem
DefFrameProcA
SetClipboardData
DefMDIChildProcA
SetWindowPlacement
GetMenuItemCount
CreatePopupMenu
SetScrollInfo
MapWindowPoints
CharUpperBuffA
IsCharUpperA
GetWindow
CharUpperA
CreateIcon
UpdateWindow
GetTopWindow
EqualRect
SetCursor
AdjustWindowRectEx
SetWindowPos
SetCapture
CharNextA
GetCursor
GetMessagePos
IsWindowEnabled
GetWindowDC

ole32

CoTaskMemFree
CoDisconnectObject
WriteClassStm
CoGetContextToken
StgCreateDocfileOnILockBytes
CoUnmarshalInterface
GetHGlobalFromStream
OleRun
OleCreateStaticFromData
CLSIDFromProgID

kernel32

ExitProcess
GetACP
lstrlenA
GetLastError
VirtualQuery
VirtualFree
WaitForSingleObject
VirtualAlloc
VirtualAllocEx
SizeofResource

shlwapi

SHDeleteValueA

version

VerInstallFileA
GetFileVersionInfoSizeA
VerQueryValueA

Exports

Exports

Ihv@16
45J@12
_yU

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2.0MB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16dc29e889f25174419fb290c886bc80

Headers

File Characteristics

Imports

gdi32

comctl32

shell32

advapi32

comdlg32

oleaut32

user32

ole32

kernel32

shlwapi

version

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 2.0MB - Virtual size: 7.3MB

.tls Size: 1KB - Virtual size: 1KB

.rdata Size: 1KB - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 2.0MB - Virtual size: 7.3MB

.tls
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 15KB - Virtual size: 15KB