b1060ef3d3fcb6f3bcb1ab4767bc8187_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b1060ef3d3fcb6f3bcb1ab4767bc8187_JaffaCakes118
Size

184KB
MD5

b1060ef3d3fcb6f3bcb1ab4767bc8187
SHA1

34183966b614f726464fbe143b2808eab2fd03f2
SHA256

763812af973d7b41d0c9fd88920ebdd238b4b20ce2a97f41e61e14a44b1f29e6
SHA512

266edf235c864236d61c371ffeee59bb68384d6febf5dd3dd769e8d1740d93038a2fa8a92d3242dc53f0237a4cd29ff13eae75626ab5d93342be3b0fb88c2b0d
SSDEEP

3072:DTbVjZY90ob8NbLP4PQUspAtJ1lPdaaxscPjBun3IFy15:DTbVji9+wPYC9aa7F844

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1060ef3d3fcb6f3bcb1ab4767bc8187_JaffaCakes118

Files

b1060ef3d3fcb6f3bcb1ab4767bc8187_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e72ff299fb9ceafe8d6e047fe592c48

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
CreateToolbarEx

kernel32

GetSystemDirectoryA
QueryPerformanceFrequency
GetVersion
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcatA
HeapFree
lstrlenA
lstrcpyA
HeapAlloc
GetProcessHeap
ReadProcessMemory
OpenProcess
Sleep
GetUserDefaultLangID
LCMapStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
ReadFile
GetStringTypeW
GetStringTypeA
GetLastError
SetFilePointer
FlushFileBuffers
SetStdHandle
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
WriteFile
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
DeleteFileA
GetCurrentDirectoryA
GetCurrentProcessId
GetLogicalDrives
GetDriveTypeA
CloseHandle
GetTickCount
LoadLibraryA
FreeLibrary
FileTimeToLocalFileTime
FileTimeToSystemTime
DosDateTimeToFileTime
GetTimeFormatA
DeviceIoControl
FormatMessageA
LocalFree
GetModuleHandleA
GetProcAddress
LCMapStringW
SetLastError
CreateFileA
FindResourceA
LoadResource
SizeofResource
LockResource
GetCurrentProcess
MultiByteToWideChar

user32

EmptyClipboard
OpenClipboard
CallWindowProcA
GetClientRect
DrawIconEx
SetWindowLongA
SetWindowTextA
DestroyIcon
IsZoomed
IsIconic
GetSystemMetrics
ClientToScreen
ScreenToClient
GetDlgItemTextA
EnableWindow
IsWindowEnabled
SetDlgItemTextA
CheckDlgButton
CheckRadioButton
LoadAcceleratorsA
SetClipboardData
GetMessageA
TranslateAcceleratorA
IsWindow
SetCursor
InvalidateRect
ChildWindowFromPoint
GetSysColor
GetSysColorBrush
LoadCursorA
IsDialogMessageA
TranslateMessage
DispatchMessageA
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
RegisterClassA
SetCapture
DialogBoxParamA
GetMenu
EnableMenuItem
CloseClipboard
GetFocus
RegisterWindowMessageA
DrawTextA
GetDlgItem
MoveWindow
GetWindowRect
GetParent
CreateMenu
InsertMenuA
SetTimer
ReleaseCapture
SetFocus
DefWindowProcA
BeginPaint
EndPaint
GetCursorPos
LoadMenuA
GetSubMenu
TrackPopupMenu
DestroyMenu
LoadStringA
GetDC
ReleaseDC
WinHelpA
InvalidateRgn
SetWindowPos
PostMessageA
DestroyWindow
CheckMenuItem
SendMessageA
PostQuitMessage
MessageBoxA
EndDialog
IsDlgButtonChecked

gdi32

GetTextExtentPoint32A
SetBkColor
CreateSolidBrush
GetTextMetricsA
CreateCompatibleDC
DeleteObject
GetStockObject
GetObjectA
CreateFontIndirectA
SetBkMode
SetTextColor
ExtTextOutA
SelectObject

comdlg32

GetOpenFileNameA
FindTextA
ChooseColorA
ChooseFontA
GetSaveFileNameA

advapi32

LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyA
RegQueryValueExA
GetTokenInformation
LookupAccountSidA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegDeleteKeyA
AdjustTokenPrivileges

shell32

ShellExecuteExA
ShellExecuteA
SHGetFileInfoA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.txt
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e72ff299fb9ceafe8d6e047fe592c48

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

version

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 97KB

.rsrc Size: 80KB - Virtual size: 78KB

.txt Size: 8KB - Virtual size: 5KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 97KB

.rsrc
Size: 80KB - Virtual size: 78KB

.txt
Size: 8KB - Virtual size: 5KB