b02b4a9cbda3063d9bfda5c1be6d0c7b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b02b4a9cbda3063d9bfda5c1be6d0c7b_JaffaCakes118
Size

157KB
MD5

b02b4a9cbda3063d9bfda5c1be6d0c7b
SHA1

52320dd7e06f54584625fbdcf72d3219d348d671
SHA256

14b3dee011257b9d3aaa3f79ed31657a55251a83788416ad343b493888760689
SHA512

11dc95cb4c58d9096fbbe0fea9149570df9049eae8d9d8bf738a12791b134859a83094264599662313df38f93ec8d1ecb6af2f672fe05c0df7bb874e613ad939
SSDEEP

3072:9/wLfcWe0phNVoIdkh/u5hIHuqI6c2BZAlOKdbX7waQ/fL1ESFS09TDP3Zn3wr6:9/wLkCHVzd8u5hInBudbxQ/fL1OMP/Zq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b02b4a9cbda3063d9bfda5c1be6d0c7b_JaffaCakes118

Files

b02b4a9cbda3063d9bfda5c1be6d0c7b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

720efc1c57f73249e421366fd3dc2b28

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW
RegEnumKeyW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyA

shell32

ShellExecuteW

kernel32

MultiByteToWideChar
WideCharToMultiByte
DeleteFileW
GetVDMCurrentDirectories
FindClose
GetUserDefaultUILanguage
GetCurrentProcessId
MoveFileW
SetThreadPriorityBoost
GetLocalTime
FindFirstFileW
CreateFileA
ExitProcess
EnumResourceNamesW
HeapAlloc
SetFilePointer
FreeLibrary
SetUnhandledExceptionFilter
LoadLibraryW
GetModuleHandleA
ReadFile
OutputDebugStringW
CreateProcessW
WriteFile
GetProcAddress
HeapFree

user32

GetWindowLongW
SetRect
MessageBoxW
GetDlgItem
GetWindowRect
EndDialog
MoveWindow
GetSysColor
AdjustWindowRect
SetWindowTextW
SetWindowsHookExW
GetMenuStringW
GetWindowInfo
SendMessageW

comctl32

ImageList_ReplaceIcon
ImageList_Create
ImageList_Draw
ImageList_Destroy

comdlg32

GetSaveFileNameW

gdi32

SetViewportOrgEx
CreateDCW
SetTextColor
CreateCompatibleBitmap
GetTextMetricsW
SetViewportExtEx
CreateSolidBrush
GetCharWidthW
SetBkMode
BitBlt
SelectObject
MoveToEx
SetBkColor
DeleteDC
LineTo
DeleteObject
StretchBlt
CreatePen
CreateFontW
CreatePatternBrush
GetObjectW
CombineRgn
CreateCompatibleDC
ExtCreateRegion
GetDeviceCaps
CreateDIBSection
GetStockObject

msvfw32

ICInfo

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

720efc1c57f73249e421366fd3dc2b28

Headers

File Characteristics

Imports

advapi32

shell32

kernel32

user32

comctl32

comdlg32

gdi32

msvfw32

Sections

.text Size: 95KB - Virtual size: 95KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 57KB - Virtual size: 57KB

.imul Size: 1024B - Virtual size: 100KB

.text
Size: 95KB - Virtual size: 95KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 57KB - Virtual size: 57KB

.imul
Size: 1024B - Virtual size: 100KB