aa9dea9e60b0d447fd7c5a94bb705ac2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aa9dea9e60b0d447fd7c5a94bb705ac2_JaffaCakes118
Size

174KB
MD5

aa9dea9e60b0d447fd7c5a94bb705ac2
SHA1

1efab5a7402eb222039d21109537e4d3aee24a0e
SHA256

c8e6078de83bc38a5962da31aaccf1e4f9b78d6fd82f69b605b97cc3739e8952
SHA512

06c024d7a998a27ffd4b445cb8032caaabe7ce9982f8bf32b0703b80d557d42d52c60edb06fb040811a81379d89113acd2f4cbcee380d1215705e6c04bed146b
SSDEEP

3072:soHHPqlc6hxS+8B9SLOoEismuGYPanDiM58g74g/:cc6hcJBroVff0Mp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa9dea9e60b0d447fd7c5a94bb705ac2_JaffaCakes118

Files

aa9dea9e60b0d447fd7c5a94bb705ac2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

381ff8051981fb10dc7f5c02f48255be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

user32

SetRect
CharNextW
GetClassInfoExW
CopyAcceleratorTableW
GetNextDlgGroupItem
GetClassLongW
RegisterWindowMessageW
WinHelpW
InvalidateRgn
RemovePropW
InvalidateRect
SetPropW
MessageBeep
SendDlgItemMessageA
GetNextDlgTabItem
IsRectEmpty
CharUpperW
CreateWindowExW
GetPropW
DestroyMenu

gdi32

SelectObject
GetDeviceCaps
ExtSelectClipRgn
RectVisible
SetWindowExtEx
ScaleWindowExtEx
TextOutW
SetViewportOrgEx
Escape
OffsetViewportOrgEx
DeleteDC
GetMapMode
ExtTextOutW
GetStockObject
GetBkColor
ScaleViewportExtEx
GetTextColor
PtVisible
GetRgnBox

shlwapi

PathStripToRootW
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathFindExtensionW
PathAppendW

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

FindClose
CreateDirectoryW
GetVersion
GetCalendarInfoW
GetSystemDefaultLangID
GetCurrentDirectoryW
SetFileTime
EnumResourceLanguagesW
ReadFile
WriteFile
RemoveDirectoryW
GetThreadContext
GetFileAttributesW
DeleteFileW
FindFirstFileW
LoadLibraryW
GetModuleFileNameW
EnumResourceNamesA
GetCurrentProcessId
FindNextFileW
ExitProcess
SystemTimeToFileTime
SetFilePointer
CreateFileW
ConvertDefaultLocale
GetLocaleInfoW
LocalFileTimeToFileTime
MultiByteToWideChar
WideCharToMultiByte
lstrcpyW
MoveFileW
InterlockedDecrement
GetProcAddress

advapi32

RegDeleteKeyW
RegQueryInfoKeyW
RegOpenKeyExW
RegCreateKeyExW
RegOpenKeyW
RegEnumKeyW
RegQueryValueW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegQueryValueExW

ole32

CLSIDFromProgID
CoGetClassObject
CreateILockBytesOnHGlobal
CoRevokeClassObject
StgCreateDocfileOnILockBytes
CoCreateInstance
CoTaskMemAlloc
StgOpenStorageOnILockBytes
CoTaskMemFree
OleInitialize
CoRegisterMessageFilter
OleUninitialize
CoUninitialize
OleFlushClipboard
CoFreeUnusedLibraries
OleIsCurrentClipboard
CoInitialize
CLSIDFromString

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

381ff8051981fb10dc7f5c02f48255be

Headers

File Characteristics

Imports

shell32

user32

gdi32

shlwapi

oleacc

kernel32

advapi32

ole32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 69KB - Virtual size: 68KB

.edata Size: 1024B - Virtual size: 96KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 69KB - Virtual size: 68KB

.edata
Size: 1024B - Virtual size: 96KB