b4234cd38e70b4fe57f3b1efac34b5e3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b4234cd38e70b4fe57f3b1efac34b5e3_JaffaCakes118
Size

212KB
MD5

b4234cd38e70b4fe57f3b1efac34b5e3
SHA1

c53dfa3c14e3e32079f16460ccb6e1d9b3ee805e
SHA256

96fa730757efa19dac83e5276f4d83ed35855d525bce18bb5eb8cbb515475e99
SHA512

ba48698bbe6958065cf17784cfbf25d1ffbf69e700745624d73dfafc1dc73f1008460fab2b258671ed16158f673ee7db9595039850d52b26bf421ebf8d139178
SSDEEP

3072:eoBcpAidg7hE0tUfmAuAppN3BNu3ASVj8xk6/KhtgEhNtAPC1pUgc:zSpAkg7RtAmA/DTuRVxhthNtAPCPq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4234cd38e70b4fe57f3b1efac34b5e3_JaffaCakes118

Files

b4234cd38e70b4fe57f3b1efac34b5e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1113c29eef58363f7223bfb995efc951

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AdjustWindowRectEx
DeleteMenu
EnableWindow
FindWindowA
GetDCEx
GetDlgItem
GetSysColorBrush
GetSystemMenu
InsertMenuItemA
InvalidateRect
IsRectEmpty
IsWindowEnabled
MessageBeep
PeekMessageA
RedrawWindow
RemoveMenu
SendMessageA
SetClassLongA
SetCursor
SetForegroundWindow
SetScrollPos
SetWindowLongA
TrackPopupMenu
UnhookWindowsHookEx

gdi32

AbortDoc
CopyMetaFileA
CreateDCW
CreateFontA
CreatePolygonRgn
CreateRectRgn
DeleteEnhMetaFile
DeleteMetaFile
EnumFontsA
GetCurrentObject
GetDIBColorTable
GetEnhMetaFileHeader
GetNearestColor
GetPixel
GetTextFaceW
GetTextMetricsA
GetWindowExtEx
MaskBlt
OffsetViewportOrgEx
PolyBezierTo
RectInRegion
SaveDC
SetColorAdjustment
SetTextColor

kernel32

CompareFileTime
CreateDirectoryA
DeleteCriticalSection
FindFirstFileA
FindNextFileA
FindResourceW
FlushFileBuffers
GetCPInfo
GetFileSize
GetStartupInfoW
GetSystemDirectoryA
GetTimeZoneInformation
SetErrorMode
SetStdHandle
WideCharToMultiByte
WritePrivateProfileStringA

ole32

CLSIDFromProgID
CoInitialize
CoReleaseMarshalData
CoSetProxyBlanket
CoTaskMemFree
CoTaskMemRealloc
GetRunningObjectTable
OleGetClipboard
OleSetClipboard
OleUninitialize
PropVariantClear

shell32

ExtractIconExW
ExtractIconW
SHAddToRecentDocs
SHBrowseForFolderA
SHBrowseForFolderW
SHCreateDirectoryExA
SHCreateDirectoryExW
SHFileOperationA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW

advapi32

CheckTokenMembership
CryptDestroyHash
CryptHashData
GetSecurityDescriptorDacl
InitiateSystemShutdownA
RegCreateKeyExA
RegCreateKeyExW
RegEnumValueW
RegFlushKey
RegOpenKeyExA
RegQueryValueA
RegQueryValueExA
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner

comctl32

ImageList_Destroy
ImageList_EndDrag
ImageList_GetIconSize
ImageList_GetImageInfo
ImageList_Read
ImageList_Remove
ImageList_SetDragCursorImage
InitCommonControlsEx

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

uYxMWgIX
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1113c29eef58363f7223bfb995efc951

Headers

File Characteristics

Imports

user32

gdi32

kernel32

ole32

shell32

advapi32

comctl32

Sections

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 99KB - Virtual size: 98KB

.rsrc Size: 18KB - Virtual size: 17KB

uYxMWgIX Size: 2KB - Virtual size: 120KB

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 99KB - Virtual size: 98KB

.rsrc
Size: 18KB - Virtual size: 17KB

uYxMWgIX
Size: 2KB - Virtual size: 120KB