b4371c437c56e591afba86095404aee3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b4371c437c56e591afba86095404aee3_JaffaCakes118
Size

172KB
MD5

b4371c437c56e591afba86095404aee3
SHA1

03c22a780de5a88148f73d78326784a38e4bd2c8
SHA256

4629c2ddfab3a72f54b04d41058a335a0d08cfd8476a372d379f789db3ae5340
SHA512

5cb4d2a451f49f0f5b4ea3e5833d0be20aef6395c8ef8e954d633b059a5a4d244b6c5d4bab9e14db628775ddb1efbed69a031be9f50d59884f63685a0b00eae4
SSDEEP

3072:c7MzGc/WuWZLtvWWXzfJjagfghHK2CrdcJzyeREtvyddCkjQdOQ4AaAtPd20T:T/uL3Ra/CrOJvREtqjQvaAtP8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4371c437c56e591afba86095404aee3_JaffaCakes118

Files

b4371c437c56e591afba86095404aee3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fb6bc81921ef4df758c3f7c233570d48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryInfoKeyW
RegCloseKey
RegEnumKeyExW
RegSetValueExW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyW
RegQueryValueW
RegOpenKeyW
RegQueryValueExW

ole32

CoUninitialize
OleIsCurrentClipboard
CoTaskMemAlloc
CoFreeUnusedLibraries
OleInitialize
OleFlushClipboard
CoInitialize
StgCreateDocfileOnILockBytes
CoTaskMemFree
CoRegisterMessageFilter
CLSIDFromProgID
OleUninitialize
CoCreateInstance
CoRevokeClassObject
CoGetClassObject
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromString

gdi32

RestoreDC
GetViewportExtEx
ScaleViewportExtEx
SetViewportExtEx
GetRgnBox
DeleteObject
OffsetViewportOrgEx
GetBkColor
CreateBitmap
GetMapMode
SaveDC
GetObjectW
DeleteDC
TextOutW
GetTextColor
SetTextColor
ScaleWindowExtEx
ExtTextOutW
ExtSelectClipRgn
SetViewportOrgEx
SetMapMode
SetBkColor
Escape
RectVisible
SetWindowExtEx
PtVisible
GetDeviceCaps
GetStockObject
GetWindowExtEx
SelectObject
GetClipBox
CreateRectRgnIndirect

comdlg32

GetFileTitleW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

kernel32

RaiseException
GetLocaleInfoW
MultiByteToWideChar
WriteFile
GetACP
GetCalendarInfoA
RemoveDirectoryW
CreateMutexW
CreateDirectoryW
GetThreadLocale
SetFileTime
GetCurrentProcessId
GetSystemDefaultLangID
SetThreadContext
DeleteCriticalSection
InterlockedExchange
GetLocaleInfoA
EnumResourceLanguagesW
FindClose
SizeofResource
ConvertDefaultLocale
ReadFile
GetVersionExW
InterlockedDecrement
GetVersion
LocalFileTimeToFileTime
SetFilePointer
SystemTimeToFileTime
GetModuleHandleW
EnumResourceNamesA
CloseHandle
GetCurrentDirectoryW
LoadResource
MoveFileW
DeleteFileW
lstrcmpiA
ExitProcess
VirtualFree
FindFirstFileW
GetModuleFileNameW
InitializeCriticalSection
FreeLibrary
WaitForSingleObject
CreateFileW
FindResourceW
WideCharToMultiByte
LoadLibraryW
LockResource
FindNextFileW
lstrcpyW
ReleaseMutex
GetProcAddress
GetFileAttributesW
lstrcmpA

shlwapi

PathFindExtensionW
PathFileExistsW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
PathAppendW

user32

GetWindowPlacement
InvalidateRect
GetClassLongW
SetActiveWindow
OffsetRect
MessageBeep
RegisterWindowMessageW
DefWindowProcW
SendDlgItemMessageA
GetClassInfoW
WinHelpW
CreateWindowExW
GetMessageTime
GetClientRect
LoadIconW
GetMenu
IntersectRect
EqualRect
GetMessagePos
CharNextW
GetNextDlgTabItem
CopyAcceleratorTableW
GetForegroundWindow
GetPropW
RegisterClassW
UpdateWindow
AdjustWindowRectEx
GetTopWindow
GetClassInfoExW
IsRectEmpty
InvalidateRgn
SetForegroundWindow
MapWindowPoints
CharUpperW
GetNextDlgGroupItem
CallWindowProcW
IsWindow
IsIconic
IsChild
RemovePropW
SetPropW
SetRect
DestroyMenu

oledlg

OleUIBusyW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb6bc81921ef4df758c3f7c233570d48

Headers

File Characteristics

Imports

advapi32

ole32

gdi32

comdlg32

shell32

kernel32

shlwapi

user32

oledlg

winspool.drv

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 67KB - Virtual size: 66KB

.edata Size: 1024B - Virtual size: 92KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 67KB - Virtual size: 66KB

.edata
Size: 1024B - Virtual size: 92KB