b56a03319d19194acd52f36346d4d84b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b56a03319d19194acd52f36346d4d84b_JaffaCakes118
Size

636KB
MD5

b56a03319d19194acd52f36346d4d84b
SHA1

b5524cebe22b48bf07912634e9313b6ac8b1342b
SHA256

8f97e62c59839186cd915cdb93f90e0460c0c6c219214081730fa8bbc5fe4b0a
SHA512

a9a23deff961e1ef47e5cc91b135a0cd3eb006e340535f9c3b2c4e73b31c4ab6424c99034c567647805923fb60c5892215913f39aab4b46373a491c92cf05127
SSDEEP

12288:BYJ7RSEqUyvaFU1gD8+ZddtOqb8pUsVSAvd4qe7hPA31O46ri63sxRwar71V3Ycp:BvEqUy3qQFwU71icAlgHLNX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b56a03319d19194acd52f36346d4d84b_JaffaCakes118

Files

b56a03319d19194acd52f36346d4d84b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0297f7160eaee4d570d1356b31b6c25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageA
LocalFree
GetCurrentDirectoryW
GetCurrentDirectoryA
GetSystemDirectoryW
GetSystemDirectoryA
OutputDebugStringW
OutputDebugStringA
MultiByteToWideChar
WideCharToMultiByte
GetUserDefaultLCID
GlobalAlloc
FreeLibrary
LoadLibraryA
GetSystemDefaultLCID
CloseHandle
WriteFile
GetLastError
ReadFile
SetFilePointer
CreateFileA
CreateFileW
lstrlenA
GetStartupInfoA

user32

LoadMenuA
DialogBoxParamA
RegisterClassA
GetClassInfoA
CreateDialogParamA
LoadStringW
GetWindowPlacement
PeekMessageA
AppendMenuA
DeleteMenu
SetWindowPlacement
MessageBoxA
PostMessageA
GetDesktopWindow
MessageBoxW
SetMenuItemInfoA
GetMenuItemInfoA
LoadIconA
TrackPopupMenu
DefWindowProcA
SendMessageA
GetFocus
GetDC
GetDlgItem
IsDlgButtonChecked
GetMenuItemID
GetSubMenu
GetMenuItemCount
EnableMenuItem
CheckMenuItem
GetWindowLongA
DestroyWindow
CreateWindowExA
LoadAcceleratorsA
GetMessageA
IsWindow
TranslateAcceleratorA
IsDialogMessageA
TranslateMessage
DispatchMessageA
SetWindowTextA
EndDialog
DestroyMenu
ShowCursor
SendMessageW
CallWindowProcA
SetFocus
GetWindow
CheckDlgButton
SetWindowLongA
ShowWindow
UpdateWindow
GetClientRect
GetParent
SetCapture
DefMDIChildProcA
ScreenToClient
ReleaseCapture
ReleaseDC
MoveWindow
InvalidateRect
SetCursor
GetWindowRect
GetSystemMetrics
TranslateMDISysAccel
DefFrameProcA
PostQuitMessage
LoadStringA
LoadCursorA
RegisterClassExA
EnableWindow

gdi32

PatBlt

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCreateKeyExW
RegCloseKey
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyExA
RegEnumKeyA
RegEnumKeyW
RegEnumValueA
RegEnumValueW
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegSetValueExW
RegDeleteKeyA
RegDeleteKeyW
RegQueryInfoKeyA

shell32

DragAcceptFiles
ShellExecuteW
ShellExecuteA
DragQueryFileA
DragQueryFileW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CoCreateInstanceEx
CLSIDFromProgID
CLSIDFromString
BindMoniker
CreateFileMoniker
ProgIDFromCLSID
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoRegisterMallocSpy
CoRevokeMallocSpy
CreateBindCtx

oleaut32

SysAllocString
GetErrorInfo
SetErrorInfo
VariantChangeType
VariantClear
SysFreeString
VariantChangeTypeEx
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayPutElement
SafeArrayCreate
VariantCopy

comctl32

ImageList_LoadImageA
PropertySheetA
ImageList_DragEnter
ImageList_BeginDrag
ImageList_DragLeave
ImageList_EndDrag
CreateToolbarEx
InitCommonControlsEx
ImageList_GetIcon
ImageList_DragMove
CreateStatusWindowW
ord6

msvcrt

__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p__fmode
exit
_cexit
_XcptFilter
_exit
_c_exit
_onexit
__set_app_type
_except_handler3
_acmdln
wcsncpy
_purecall
??3@YAXPAX@Z
wcslen
??2@YAPAXI@Z
memmove
wcscmp
wcschr
_vsnwprintf
_wsplitpath
wcsstr
wcscat
__dllonexit
_stricmp
wcstoul
_wcsicmp
wcstol
_errno
_wtoi64
setlocale
wcscpy
_controlfp

Sections

.text
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c0297f7160eaee4d570d1356b31b6c25

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

msvcrt

Sections

.text Size: 284KB - Virtual size: 282KB

.rdata Size: 160KB - Virtual size: 156KB

.data Size: 4KB - Virtual size: 50KB

.rsrc Size: 184KB - Virtual size: 184KB

.text
Size: 284KB - Virtual size: 282KB

.rdata
Size: 160KB - Virtual size: 156KB

.data
Size: 4KB - Virtual size: 50KB

.rsrc
Size: 184KB - Virtual size: 184KB