b0e8572d96302347a9ae583443d1282c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b0e8572d96302347a9ae583443d1282c_JaffaCakes118
Size

198KB
MD5

b0e8572d96302347a9ae583443d1282c
SHA1

475ff6702f94ebcf6a47da3ab3400e3a0d6a3282
SHA256

40a829a8c5602cf656ec73d0bf6257638bcb519f8a2ee732d6775e6f70f72b28
SHA512

181efc3ff1cc0ac66bd535636b8f44a4900e3cc71d63720d725f12f22e8a2727129052babc1c8cdd24e1f31a36c4a873c002bf5325d6b44280e93d2d11665b6c
SSDEEP

3072:RcOEnCosiGy+/buxO51IpAmpCv026IcMhEMwz/M3YOM3sdeRdHnC+cEZMk:GOosnC8WkM21EMwz/M3w3sU/nL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0e8572d96302347a9ae583443d1282c_JaffaCakes118

Files

b0e8572d96302347a9ae583443d1282c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84a891c8dda4467e83b96676b1074928

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryInfoKeyW
RegQueryValueW
RegOpenKeyW
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegEnumKeyW
RegCloseKey
RegSetValueExW
RegDeleteKeyW
RegQueryValueExW

user32

SendDlgItemMessageA
GetClassLongW
CharNextW
CopyAcceleratorTableW
RemovePropW
InvalidateRect
RegisterWindowMessageW
CharUpperW
SetPropW
MessageBeep
GetClassInfoExW
WinHelpW
GetNextDlgTabItem
GetNextDlgGroupItem
SetRect
CreateWindowExW
IsRectEmpty
InvalidateRgn
GetPropW
DestroyMenu

shlwapi

PathIsUNCW
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
PathFindExtensionW
PathStripToRootW
PathAppendW

gdi32

TextOutW
GetBkColor
ScaleWindowExtEx
PtVisible
SelectObject
OffsetViewportOrgEx
SetWindowExtEx
GetStockObject
GetDeviceCaps
SetViewportOrgEx
DeleteDC
RectVisible
ExtTextOutW
ExtSelectClipRgn
Escape
ScaleViewportExtEx
GetMapMode
GetTextColor
GetRgnBox

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

ole32

CoTaskMemFree
CoGetClassObject
CoUninitialize
OleInitialize
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
CoCreateInstance
OleFlushClipboard
CoInitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleUninitialize
CLSIDFromProgID
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
OleIsCurrentClipboard
CLSIDFromString

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

DeleteFileW
MoveFileW
GetCalendarInfoW
SetFilePointer
CreateDirectoryW
GetModuleFileNameW
lstrcpyW
GetThreadContext
SystemTimeToFileTime
EnumResourceLanguagesW
ReadFile
GetSystemDefaultLangID
WriteFile
CreateFileW
GetVersion
FindNextFileW
EnumResourceNamesA
GetCurrentDirectoryW
FindClose
FindFirstFileW
InterlockedDecrement
LoadLibraryW
ExitProcess
ConvertDefaultLocale
MultiByteToWideChar
RemoveDirectoryW
GetLocaleInfoW
WideCharToMultiByte
GetCurrentProcessId
SetFileTime
LocalFileTimeToFileTime
GetFileAttributesW
GetProcAddress

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84a891c8dda4467e83b96676b1074928

Headers

File Characteristics

Imports

advapi32

user32

shlwapi

gdi32

shell32

ole32

oleacc

kernel32

Sections

.text Size: 109KB - Virtual size: 109KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 83KB - Virtual size: 82KB

.edata Size: 1024B - Virtual size: 216KB

.text
Size: 109KB - Virtual size: 109KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 83KB - Virtual size: 82KB

.edata
Size: 1024B - Virtual size: 216KB