ac892c8d9295d5784b0d6f3eae7cb542_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ac892c8d9295d5784b0d6f3eae7cb542_JaffaCakes118
Size

190KB
MD5

ac892c8d9295d5784b0d6f3eae7cb542
SHA1

d97ebaf0ca272dd09a44bceb7067fd88ed0c776b
SHA256

9878d2b92d9e45a6ffcb40b30bc8a1c3b29aa7bebdca9bd932841245eded0ed4
SHA512

2eee1da67b1764077f7e90aa75d4a3c9fc8134cc2121961cf03fd66bc39ba30c8054bfdddcd44878da631a9b11d33965e1b2c91a91634ab5417276f60a1cc804
SSDEEP

3072:D1TrXAsBods4uNmATpotOf2D8FiT+HFbceBXlEOMy2CJkGTyRnB:JksyS4WcOf2oFiTsbdeBRn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac892c8d9295d5784b0d6f3eae7cb542_JaffaCakes118

Files

ac892c8d9295d5784b0d6f3eae7cb542_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a67cda2961b082edea5ae271b9c260b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleInitialize
OleIsCurrentClipboard
OleUninitialize
CoGetClassObject
CoRetireServer
CoInitialize
CoRevokeClassObject
CLSIDFromProgID
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
CoTaskMemFree
StgOpenStorageOnILockBytes
CoCreateInstance
CoTaskMemAlloc
CoUninitialize
OleFlushClipboard
CoFreeUnusedLibraries
StgCreateDocfileOnILockBytes
CLSIDFromString

shlwapi

PathFileExistsW
PathFindFileNameW
PathIsUNCW
PathRemoveFileSpecW
PathStripToRootW
PathFindExtensionW
PathAppendW

gdi32

SelectObject
RectVisible
ExtTextOutW
SetWindowExtEx
DeleteDC
GetBkColor
Escape
SetViewportOrgEx
ExtSelectClipRgn
GetDeviceCaps
PtVisible
ScaleViewportExtEx
ScaleWindowExtEx
GetMapMode
TextOutW
GetStockObject
OffsetViewportOrgEx
GetTextColor
GetRgnBox

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

advapi32

RegOpenKeyW
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueW
RegEnumKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegQueryValueExW

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

MultiByteToWideChar
MoveFileW
GetModuleFileNameW
GetCalendarInfoW
SetFilePointer
SetFileTime
InterlockedDecrement
lstrcpyW
RemoveDirectoryW
GetCurrentDirectoryW
SystemTimeToFileTime
CreateDirectoryW
FindFirstFileW
FindClose
GetSystemDefaultLangID
GetLocaleInfoW
DeleteFileW
EnumResourceNamesA
FindNextFileW
ReadFile
LocalFileTimeToFileTime
GetFileAttributesW
WriteFile
EnumResourceLanguagesW
ExitProcess
WideCharToMultiByte
GetVersion
ConvertDefaultLocale
GetCurrentProcessId
LoadLibraryW
CreateFileW
GetProcAddress

user32

InvalidateRect
CharNextW
RemovePropW
MessageBeep
SendDlgItemMessageA
SetRect
InvalidateRgn
GetClassInfoExW
CreateWindowExW
WinHelpW
GetPropW
GetClassLongW
CharUpperW
RegisterWindowMessageW
SetPropW
GetNextDlgTabItem
GetNextDlgGroupItem
CopyAcceleratorTableW
IsRectEmpty
DestroyMenu

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a67cda2961b082edea5ae271b9c260b

Headers

File Characteristics

Imports

ole32

shlwapi

gdi32

shell32

advapi32

oleacc

kernel32

user32

Sections

.text Size: 109KB - Virtual size: 109KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 75KB - Virtual size: 75KB

.edata Size: 1024B - Virtual size: 116KB

.text
Size: 109KB - Virtual size: 109KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 75KB - Virtual size: 75KB

.edata
Size: 1024B - Virtual size: 116KB