aae3f4e56956cc40983eef3c12f00561_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aae3f4e56956cc40983eef3c12f00561_JaffaCakes118
Size

202KB
MD5

aae3f4e56956cc40983eef3c12f00561
SHA1

8a1ee36acf74cec0e700492ffb8fa0300196a7d1
SHA256

a49c093356c4156436a9bacd1d119fd0355852982d971f6031b80b537faf01e4
SHA512

3204b7ccbb7b489155ff71ae7e124cec0fb0354e723730a504619d1d796d115f80a4cff4f8969d8a0de1196bd04ff8fe4d16d895e26291731027c1dcd99c0776
SSDEEP

6144:LABHpu1m1uF7398iPUVoLZRJr9aBOnrW:IJWhmicOPJr9aBOW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aae3f4e56956cc40983eef3c12f00561_JaffaCakes118

Files

aae3f4e56956cc40983eef3c12f00561_JaffaCakes118
.exe windows:4 windows x86 arch:x86

83473df315db51869e56792c9f6dbf51

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
GetDateFormatW
GetStartupInfoA
GetNumberFormatA
GetFileType
OpenSemaphoreW
EnumDateFormatsW
GetShortPathNameW
GetMailslotInfo
CopyFileExA
MoveFileA
CreateEventW
CreateNamedPipeA
OpenWaitableTimerA
AddAtomW
FileTimeToSystemTime
SetLocaleInfoW
HeapCreate
GetThreadLocale
GetTempFileNameA
GetLocaleInfoW
SetLastError
lstrlenA
GetStartupInfoW
GetEnvironmentStringsW
GetModuleHandleA
GlobalFindAtomW
GetProcAddress
SetCurrentDirectoryW

user32

keybd_event
GetDCEx
MonitorFromWindow
GetWindowLongA
SendDlgItemMessageW
CreateMenu
LoadCursorW
AdjustWindowRect
PeekMessageW
CharNextW
EnableMenuItem
GetMenuItemCount
DefWindowProcA

gdi32

GetTextMetricsW
CreatePolygonRgn
CreateDIBPatternBrush
GetNearestColor
SetICMProfileA
SaveDC
ExcludeClipRect
GetDIBColorTable
CopyEnhMetaFileA
GetPolyFillMode
RemoveFontResourceA
CreateDIBitmap
GetBkMode
SelectClipRgn
DeleteDC
GetPixel
GetGlyphOutlineA

advapi32

RegCreateKeyExW
RegSaveKeyA
RegDeleteKeyW
RegQueryValueA
RegQueryInfoKeyW
RegCloseKey
RegReplaceKeyW
RegRestoreKeyW
RegReplaceKeyA

shlwapi

SHRegGetPathA
StrFromTimeIntervalA
PathRelativePathToW
UrlUnescapeW
StrChrNW
StrStrNIW
ChrCmpIW
StrCatW
PathGetCharTypeA
UrlCompareA
SHQueryInfoKeyA
SHEnumValueW

comctl32

ImageList_GetBkColor
ImageList_SetIconSize
ImageList_ReplaceIcon
ImageList_LoadImageW
InitCommonControlsEx
ImageList_Replace
LBItemFromPt
ImageList_DragLeave
DrawStatusText
GetEffectiveClientRect

oleaut32

VarI2FromDec
VarI8FromDate
VarDateFromStr

winspool.drv

DeleteFormA
EnumMonitorsW
EnumMonitorsA
GetJobW
DeletePrinterDriverA
DeletePrinterDataW

oledlg

OleUIInsertObjectA
OleUIPasteSpecialW
OleUIEditLinksW
OleUIConvertA
OleUIChangeIconW
OleUIUpdateLinksA
OleUIConvertW

wsock32

getservbyport
getprotobynumber
gethostbyname
rcmd
GetAddressByNameW

Sections

.cURI
Size: 795B - Virtual size: 795B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.u
Size: 4KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DOehI
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gfy
Size: 3KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.m
Size: 1024B - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 119KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EQkoh
Size: 512B - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YOV
Size: 1024B - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83473df315db51869e56792c9f6dbf51

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

comctl32

oleaut32

winspool.drv

oledlg

wsock32

Sections

.cURI Size: 795B - Virtual size: 795B

.u Size: 4KB - Virtual size: 162KB

.DOehI Size: 9KB - Virtual size: 9KB

.gfy Size: 3KB - Virtual size: 51KB

.m Size: 1024B - Virtual size: 452KB

.data Size: 119KB - Virtual size: 297KB

.EQkoh Size: 512B - Virtual size: 19KB

.YOV Size: 1024B - Virtual size: 75KB

.rsrc Size: 60KB - Virtual size: 59KB

.reloc Size: 1024B - Virtual size: 652B

.cURI
Size: 795B - Virtual size: 795B

.u
Size: 4KB - Virtual size: 162KB

.DOehI
Size: 9KB - Virtual size: 9KB

.gfy
Size: 3KB - Virtual size: 51KB

.m
Size: 1024B - Virtual size: 452KB

.data
Size: 119KB - Virtual size: 297KB

.EQkoh
Size: 512B - Virtual size: 19KB

.YOV
Size: 1024B - Virtual size: 75KB

.rsrc
Size: 60KB - Virtual size: 59KB

.reloc
Size: 1024B - Virtual size: 652B