a97a020963100e64dfc0d52a4d7ffd68_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a97a020963100e64dfc0d52a4d7ffd68_JaffaCakes118
Size

186KB
MD5

a97a020963100e64dfc0d52a4d7ffd68
SHA1

45081b95f0efbee3eab17eb49e20e4894a2047c5
SHA256

459fbb948ccdd8e90d7ce0f3531b7abea60c4d7877d3407612d8eb3f523f073e
SHA512

cb70deea5a91e07682b0f1b57eb3bdea69ef3d9648054d64f3f1d371958fe92bafffbb643c066592a473646168e2c8a3e94acdf0c1a415708be3839fa3f336cf
SSDEEP

3072:IDxRQ7p+huB8RHWFwLyV5AtSRr79X1aameMnBMtX9EJUvKXY9LvfufHBt2i+RbG+:ID3Q7shuB8R2F3d9XM79mX9DvPc72iTE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a97a020963100e64dfc0d52a4d7ffd68_JaffaCakes118

Files

a97a020963100e64dfc0d52a4d7ffd68_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45b530cb3edb9aec3f55ab5a7135d7a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegEnumKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegSetValueExW
RegQueryValueW
RegOpenKeyW
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueExW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

GetClassInfoExW
CharNextW
SetRect
MessageBeep
WinHelpW
InvalidateRect
CopyAcceleratorTableW
IsRectEmpty
CharUpperW
InvalidateRgn
RegisterWindowMessageW
CreateWindowExW
GetNextDlgTabItem
SetPropW
RemovePropW
SendDlgItemMessageA
GetNextDlgGroupItem
GetPropW
GetClassLongW
DestroyMenu

shlwapi

PathFindExtensionW
PathStripToRootW
PathFindFileNameW
PathFileExistsW
PathRemoveFileSpecW
PathIsUNCW
PathAppendW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

gdi32

ScaleWindowExtEx
GetStockObject
SelectObject
GetMapMode
SetWindowExtEx
TextOutW
ExtSelectClipRgn
ScaleViewportExtEx
GetDeviceCaps
DeleteDC
ExtTextOutW
GetBkColor
RectVisible
PtVisible
SetViewportOrgEx
Escape
GetTextColor
OffsetViewportOrgEx
GetRgnBox

ole32

CoInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
OleUninitialize
CoRetireServer
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
OleInitialize
CoUninitialize
OleFlushClipboard
CoTaskMemFree
CoGetClassObject
CoTaskMemAlloc
CoCreateInstance
CLSIDFromProgID
CoRegisterMessageFilter
CLSIDFromString

kernel32

GetCalendarInfoW
ConvertDefaultLocale
GetLocaleInfoW
FindNextFileW
DeleteFileW
GetCurrentDirectoryW
FindClose
SetFilePointer
InterlockedDecrement
lstrcpyW
CreateDirectoryW
MoveFileW
WideCharToMultiByte
CreateFileW
ReadFile
LoadLibraryW
GetCurrentProcessId
SystemTimeToFileTime
EnumResourceNamesA
SetFileTime
WriteFile
ExitProcess
FindFirstFileW
MultiByteToWideChar
RemoveDirectoryW
GetVersion
GetSystemDefaultLangID
GetFileAttributesW
EnumResourceLanguagesW
LocalFileTimeToFileTime
GetModuleFileNameW
GetProcAddress

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45b530cb3edb9aec3f55ab5a7135d7a0

Headers

File Characteristics

Imports

advapi32

oleacc

user32

shlwapi

shell32

gdi32

ole32

kernel32

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 72KB - Virtual size: 72KB

.edata Size: 1024B - Virtual size: 240KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 72KB - Virtual size: 72KB

.edata
Size: 1024B - Virtual size: 240KB