b37ad0a93213ba7e762aabe09e2eff4d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b37ad0a93213ba7e762aabe09e2eff4d_JaffaCakes118
Size

190KB
MD5

b37ad0a93213ba7e762aabe09e2eff4d
SHA1

3a7f90559c0a666f07f662b563866a08ce21df8b
SHA256

9e91fa3e5920ff6adf1851f341cad240fa1557be44399b8ce1504c55933df074
SHA512

d3a8ed6517733c2d0a175e8712bcc4a52742b70447fb696b3fc38567e3f133e2dc725bfd5fa36c2d8f41f7710c494f931e60b865e297ad9f7e47340ca3097747
SSDEEP

3072:B1JgMn3D/ydA2KUako+VQuwzL++2lfGVP1Rn6udJoAtYJfK7sA3:B1JL3gvvorRL++2K9Rn6MiJfK7x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b37ad0a93213ba7e762aabe09e2eff4d_JaffaCakes118

Files

b37ad0a93213ba7e762aabe09e2eff4d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0aecd30f42ee2e6c15187b90ee07601

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBeep
WinHelpW
SetRect
GetNextDlgTabItem
InvalidateRgn
RemovePropW
GetClassLongW
RegisterWindowMessageW
CharUpperW
SetPropW
InvalidateRect
GetPropW
CharNextW
IsRectEmpty
CopyAcceleratorTableW
GetClassInfoExW
SendDlgItemMessageA
CreateWindowExW
GetNextDlgGroupItem
DestroyMenu

shlwapi

PathFindFileNameW
PathFindExtensionW
PathFileExistsW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
PathAppendW

gdi32

RectVisible
GetTextColor
TextOutW
GetMapMode
GetDeviceCaps
Escape
GetBkColor
PtVisible
GetStockObject
ScaleViewportExtEx
ExtSelectClipRgn
ExtTextOutW
SelectObject
SetWindowExtEx
DeleteDC
OffsetViewportOrgEx
ScaleWindowExtEx
SetViewportOrgEx
GetRgnBox

advapi32

RegSetValueExW
RegQueryValueW
RegCloseKey
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumKeyW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyW
RegQueryValueExW

ole32

StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoRetireServer
CoGetClassObject
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoInitialize
OleFlushClipboard
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString

kernel32

GetModuleFileNameW
SetFilePointer
GetCurrentProcessId
GetCalendarInfoW
MoveFileW
FindNextFileW
GetFileAttributesW
FindClose
SystemTimeToFileTime
DeleteFileW
MultiByteToWideChar
WideCharToMultiByte
ReadFile
ConvertDefaultLocale
LocalFileTimeToFileTime
EnumResourceNamesA
EnumResourceLanguagesW
SetFileTime
LoadLibraryW
CreateFileW
GetCurrentDirectoryW
GetSystemDefaultLangID
ExitProcess
InterlockedDecrement
GetVersion
lstrcpyW
RemoveDirectoryW
CreateDirectoryW
WriteFile
GetLocaleInfoW
FindFirstFileW
GetProcAddress

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0aecd30f42ee2e6c15187b90ee07601

Headers

File Characteristics

Imports

user32

shlwapi

gdi32

advapi32

ole32

kernel32

oleacc

shell32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 80KB - Virtual size: 80KB

.edata Size: 1024B - Virtual size: 116KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 80KB - Virtual size: 80KB

.edata
Size: 1024B - Virtual size: 116KB