accef8d182b137162c51bcc2be91b298_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

accef8d182b137162c51bcc2be91b298_JaffaCakes118
Size

179KB
MD5

accef8d182b137162c51bcc2be91b298
SHA1

9ed35291c1764a2cb972069dc0ace7c9122d3afe
SHA256

5abe121f933345f83f55951690fc5e2b9b4d2cde35d4d37ee3714df606fff727
SHA512

c3ef4c2ceb9d11020924a5e10653e23fd0c9b18cd882e2fc417e3769236ed2f6fa769f52076c9dea38656596c97bb7bacbd8b2275f1eb047db435c569d86cfda
SSDEEP

3072:BpCWzABin84LWq46xxu+A3MgtQgQ7R+ZtGhTbA0InY4maF64RKSxW76:BBzA8n84L9u+WMgtbQ7Rmtz0InwaFPFT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
accef8d182b137162c51bcc2be91b298_JaffaCakes118

Files

accef8d182b137162c51bcc2be91b298_JaffaCakes118
.exe windows:4 windows x86 arch:x86

830d9fa90fb6eb50302bd0b1e74f60c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExW
RegisterWindowMessageW
SendDlgItemMessageA
InvalidateRgn
GetNextDlgTabItem
GetClassInfoExW
RemovePropW
WinHelpW
GetPropW
IsRectEmpty
SetRect
GetNextDlgGroupItem
SetPropW
CharUpperW
MessageBeep
CharNextW
InvalidateRect
GetClassLongW
CopyAcceleratorTableW
DestroyMenu

shlwapi

PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindExtensionW
PathFileExistsW
PathFindFileNameW
PathAppendW

gdi32

PtVisible
GetMapMode
TextOutW
ScaleViewportExtEx
GetBkColor
SetWindowExtEx
RectVisible
Escape
SetViewportOrgEx
GetTextColor
ExtTextOutW
ExtSelectClipRgn
OffsetViewportOrgEx
DeleteDC
SelectObject
GetDeviceCaps
ScaleWindowExtEx
GetStockObject
GetRgnBox

ole32

OleFlushClipboard
CoTaskMemAlloc
CoFreeUnusedLibraries
CoInitialize
StgCreateDocfileOnILockBytes
CoRetireServer
OleInitialize
CoGetClassObject
OleIsCurrentClipboard
CoUninitialize
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
CoCreateInstance
CLSIDFromProgID
OleUninitialize
CoRevokeClassObject
CoTaskMemFree
CreateILockBytesOnHGlobal
CLSIDFromString

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

kernel32

CreateFileW
CreateDirectoryW
WriteFile
FindClose
GetCalendarInfoW
SetFilePointer
WideCharToMultiByte
FindNextFileW
ConvertDefaultLocale
SystemTimeToFileTime
LocalFileTimeToFileTime
RemoveDirectoryW
GetLocaleInfoW
GetVersion
DeleteFileW
GetFileAttributesW
MultiByteToWideChar
EnumResourceNamesA
SetFileTime
ReadFile
EnumResourceLanguagesW
lstrcpyW
MoveFileW
InterlockedDecrement
LoadLibraryW
ExitProcess
GetSystemDefaultLangID
FindFirstFileW
GetModuleFileNameW
GetCurrentProcessId
GetCurrentDirectoryW
GetProcAddress

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegEnumKeyExW
RegCreateKeyExW
RegQueryValueW
RegCloseKey
RegOpenKeyW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

830d9fa90fb6eb50302bd0b1e74f60c6

Headers

File Characteristics

Imports

user32

shlwapi

gdi32

ole32

shell32

kernel32

oleacc

advapi32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 73KB - Virtual size: 72KB

.edata Size: 1024B - Virtual size: 244KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 73KB - Virtual size: 72KB

.edata
Size: 1024B - Virtual size: 244KB