b2db6c81994aa1b83cdf8df2f73e7e3b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b2db6c81994aa1b83cdf8df2f73e7e3b_JaffaCakes118
Size

171KB
MD5

b2db6c81994aa1b83cdf8df2f73e7e3b
SHA1

2a4e8f1d70a3a2ccf7441aefe1172bccff291326
SHA256

973c3dd8bb2987b6df4da1435a1e4ddafe9b455336f4e532faa991056bdf718c
SHA512

a7c12d71581345e45f220439e70578877015e3890c1e33ef6aa5526c0299e7ccbb5a2c188499ca21de409a95a0fe3e3d61b937a14852588c3f732d3306e3ea00
SSDEEP

3072:m2AyIQwoDvro+ZwVgwxXIBCc3E0IZKpsM0Jon:m2PIzWv9wV1xhjGsro

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2db6c81994aa1b83cdf8df2f73e7e3b_JaffaCakes118

Files

b2db6c81994aa1b83cdf8df2f73e7e3b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a653bc591368bd8767c8d29b0ff6afcd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCalendarInfoW
GetVersion
SystemTimeToFileTime
LoadLibraryW
ReadFile
GetModuleFileNameW
CreateFileW
DeleteFileW
GetThreadContext
GetFileAttributesW
GetCurrentProcessId
ConvertDefaultLocale
lstrcpyW
GetCurrentDirectoryW
WideCharToMultiByte
FindNextFileW
FindClose
InterlockedDecrement
MoveFileW
EnumResourceNamesA
ExitProcess
SetFileTime
EnumResourceLanguagesW
CreateDirectoryW
RemoveDirectoryW
SetFilePointer
GetSystemDefaultLangID
GetLocaleInfoW
MultiByteToWideChar
FindFirstFileW
LocalFileTimeToFileTime
WriteFile
GetProcAddress

gdi32

PtVisible
TextOutW
GetDeviceCaps
DeleteDC
GetBkColor
OffsetViewportOrgEx
RectVisible
SetWindowExtEx
ScaleViewportExtEx
ScaleWindowExtEx
GetStockObject
GetTextColor
Escape
ExtSelectClipRgn
SelectObject
SetViewportOrgEx
GetMapMode
ExtTextOutW
GetRgnBox

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

InvalidateRect
RemovePropW
InvalidateRgn
GetPropW
GetNextDlgTabItem
SetRect
IsRectEmpty
CopyAcceleratorTableW
RegisterWindowMessageW
CharUpperW
GetClassLongW
GetNextDlgGroupItem
SendDlgItemMessageA
CharNextW
CreateWindowExW
WinHelpW
GetClassInfoExW
MessageBeep
SetPropW
DestroyMenu

advapi32

RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyW
RegQueryInfoKeyW
RegQueryValueW
RegOpenKeyW
RegCloseKey
RegQueryValueExW

ole32

CoInitialize
CoRevokeClassObject
CoUninitialize
StgOpenStorageOnILockBytes
CLSIDFromProgID
CoTaskMemAlloc
CoGetClassObject
CoRegisterMessageFilter
OleInitialize
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
OleUninitialize
CoCreateInstance
OleFlushClipboard
CoTaskMemFree
StgCreateDocfileOnILockBytes
CoFreeUnusedLibraries
CLSIDFromString

shlwapi

PathFindFileNameW
PathFileExistsW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathAppendW

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a653bc591368bd8767c8d29b0ff6afcd

Headers

File Characteristics

Imports

kernel32

gdi32

shell32

oleacc

user32

advapi32

ole32

shlwapi

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 70KB - Virtual size: 69KB

.edata Size: 1024B - Virtual size: 96KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 70KB - Virtual size: 69KB

.edata
Size: 1024B - Virtual size: 96KB