b0f208217102e10dd07a6f244538bdeb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b0f208217102e10dd07a6f244538bdeb_JaffaCakes118
Size

189KB
MD5

b0f208217102e10dd07a6f244538bdeb
SHA1

c217e6671071f4d5bfe7ef4823ae5aa44114d901
SHA256

87aa51d649aee2a2beae6cae2711a53103e01110bd7cabed597f38b64a4a3236
SHA512

1e04c060e2e62e6553c4abbb56b09ba9dbdbf6254315a5be0c2ddcc1a653473419ee048d468a3d900024bd55629ed4208a3aeb438bb3be930d91d1152eeec0ad
SSDEEP

3072:9GGrQQiKTUf8UU55f4jMa0NTAxAZ67GU0w0xdQgsoWaAEldXaV6jN1R7EqHC:9GCQQiB5eTAyZqZ0w0x2HE/fqVC1lEn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0f208217102e10dd07a6f244538bdeb_JaffaCakes118

Files

b0f208217102e10dd07a6f244538bdeb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32300b2b400f764bdd905f4a2a661d4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgCreateDocfileOnILockBytes
CoCreateInstance
StgOpenStorageOnILockBytes
OleInitialize
CoTaskMemAlloc
CreateILockBytesOnHGlobal
CoRetireServer
CoGetClassObject
OleUninitialize
CLSIDFromProgID
CoRevokeClassObject
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
CoInitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoUninitialize
CLSIDFromString

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathFindExtensionW
PathRemoveFileSpecW
PathFindFileNameW
PathStripToRootW
PathFileExistsW
PathIsUNCW
PathAppendW

advapi32

RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegEnumKeyExW
RegEnumKeyW
RegQueryInfoKeyW
RegOpenKeyW
RegQueryValueW
RegDeleteKeyW
RegQueryValueExW

kernel32

GetCalendarInfoW
CreateDirectoryW
lstrcpyW
FindNextFileW
WriteFile
GetModuleFileNameW
GetFileAttributesW
MoveFileW
InterlockedDecrement
ReadFile
ConvertDefaultLocale
LoadLibraryW
CreateFileW
GetSystemDefaultLangID
FindClose
SetFileTime
DeleteFileW
FindFirstFileW
GetVersion
EnumResourceNamesA
LocalFileTimeToFileTime
SetFilePointer
GetLocaleInfoW
RemoveDirectoryW
MultiByteToWideChar
ExitProcess
GetCurrentProcessId
GetCurrentDirectoryW
EnumResourceLanguagesW
SystemTimeToFileTime
WideCharToMultiByte
GetProcAddress

user32

InvalidateRgn
IsRectEmpty
GetNextDlgGroupItem
CharUpperW
GetNextDlgTabItem
GetPropW
CopyAcceleratorTableW
SetRect
WinHelpW
CreateWindowExW
GetClassInfoExW
RemovePropW
RegisterWindowMessageW
MessageBeep
InvalidateRect
SendDlgItemMessageA
CharNextW
SetPropW
GetClassLongW
DestroyMenu

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

gdi32

TextOutW
SelectObject
OffsetViewportOrgEx
ExtTextOutW
ScaleViewportExtEx
Escape
PtVisible
GetStockObject
DeleteDC
GetBkColor
SetViewportOrgEx
ScaleWindowExtEx
GetDeviceCaps
GetTextColor
RectVisible
ExtSelectClipRgn
GetMapMode
SetWindowExtEx
GetRgnBox

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32300b2b400f764bdd905f4a2a661d4e

Headers

File Characteristics

Imports

ole32

oleacc

shlwapi

advapi32

kernel32

user32

shell32

gdi32

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 80KB - Virtual size: 80KB

.edata Size: 1024B - Virtual size: 68KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 80KB - Virtual size: 80KB

.edata
Size: 1024B - Virtual size: 68KB