b2136200b31f5fd37f257c3c8716895d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b2136200b31f5fd37f257c3c8716895d_JaffaCakes118
Size

191KB
MD5

b2136200b31f5fd37f257c3c8716895d
SHA1

7e02bde4a29c0dbf61e3999a11b7b61c5a0d29f9
SHA256

cc918451a5d1f4c2942448e7b56b94c8968ceb4e62d5968e4dbd066b5a2d4a53
SHA512

a9f30c63b3b8b1569d291b1f66a631234b5f8dc085acd3891faec58488447932ce49290a203415bdc304aa98244dc8d85797617d531315e3233f0a240c8c7a84
SSDEEP

3072:olYIT/AVS/hwqF9J/SLUrEbCKiAXd3xsGVDAhWeSxK0AabGWJgkVeQUsARy/:U1NhznSLUr0LrXd3fVULWAabgs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2136200b31f5fd37f257c3c8716895d_JaffaCakes118

Files

b2136200b31f5fd37f257c3c8716895d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f3ba99c7a17c84031710235ee2f7ba9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameA
MoveFileA
lstrcatA
lstrlenA
GetShortPathNameA
SearchPathA
lstrcpyA
Sleep
RemoveDirectoryA
CopyFileA
GetFileSize
GetModuleFileNameA
GetModuleHandleA
SetFileAttributesA
GetTempPathA
GetTempFileNameA
GetDiskFreeSpaceA
GetVersion
CreateThread
CreateProcessA
CreateFileA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetWindowsDirectoryA
CreateDirectoryA
GetSystemDirectoryA
MultiByteToWideChar
GetFileAttributesA
CompareFileTime
SetFileTime
CloseHandle
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
lstrcmpiA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
LoadLibraryA
WaitForSingleObject
GetExitCodeProcess
lstrcpynA
GetCommandLineA
GetProcAddress
GetTickCount
GlobalFree
WriteFile
GlobalAlloc
MulDiv
SetFilePointer
ReadFile
FreeLibrary
GetPrivateProfileStringA
WritePrivateProfileStringA
ExitProcess
GetCurrentProcess

user32

SetWindowPos
ScreenToClient
EnableWindow
GetDlgItem
SetClassLongA
SetFocus
GetWindowRect
CharPrevA
GetParent
SendDlgItemMessageA
LoadBitmapA
IsWindowVisible
IsWindow
GetDlgItemTextA
FindWindowExA
SendMessageA
DefWindowProcA
DialogBoxParamA
EndDialog
FillRect
GetWindowTextA
DrawTextA
EndPaint
LoadIconA
LoadCursorA
RegisterClassA
SystemParametersInfoA
GetDesktopWindow
CreateWindowExA
SetWindowTextA
SetDlgItemTextA
CharNextA
CreateDialogParamA
DestroyWindow
PostQuitMessage
ShowWindow
SetForegroundWindow
MessageBoxA
wsprintfA
IsWindowEnabled
BeginPaint
SetTimer
SetRect
PeekMessageA
ExitWindowsEx
GetClientRect
DispatchMessageA

gdi32

SetBkMode
SetTextColor
CreateFontA
CreateSolidBrush
DeleteObject
BitBlt
CreateCompatibleDC
GetTextColor
LineTo
MoveToEx
CreatePen
GetStockObject
SetBkColor
GetNearestColor
CreateBrushIndirect
SelectObject

advapi32

RegCloseKey
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegEnumValueA
RegCreateKeyA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

shell32

SHGetMalloc
ShellExecuteA
SHGetPathFromIDListA
SHFileOperationA
SHBrowseForFolderA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

comctl32

ord17

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3f3ba99c7a17c84031710235ee2f7ba9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

version

comctl32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 99KB

.rsrc Size: 75KB - Virtual size: 76KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 99KB

.rsrc
Size: 75KB - Virtual size: 76KB