b8516be1661d969fb7ba4b6cd62ee9f0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b8516be1661d969fb7ba4b6cd62ee9f0_JaffaCakes118
Size

181KB
MD5

b8516be1661d969fb7ba4b6cd62ee9f0
SHA1

784d333aee9fb81d5987275d0912e1a59c8d6c4a
SHA256

6ab25c0f1be036fbc2c70567efda4ef814627f50ac04361a1abf686f5ee48183
SHA512

806f5f890220bbdc2c7578a876fd03eb7f33c489c00295a1c8907d13026f73ff583bec12af4d814a6881b8e8f2bb69370ccb5c5a8f54645b4d65ca5b4c19ac7f
SSDEEP

3072:30z+hJDGo+FDH5SJN5jF56f4c3zey5j5oi2IgVTsK8WdfYg13RqKFsqtN1cem0OV:kz+h4Bt4j34hDT5lhTgVTJd31NF560an

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8516be1661d969fb7ba4b6cd62ee9f0_JaffaCakes118

Files

b8516be1661d969fb7ba4b6cd62ee9f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a889ea00862f6228bfd815930c10f1d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyW
RegCloseKey
RegQueryValueW
RegQueryInfoKeyW
RegOpenKeyW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

oledlg

OleUIBusyW

comdlg32

GetFileTitleW

shlwapi

PathStripToRootW
PathIsUNCW
PathFileExistsW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
PathAppendW

ole32

CoGetClassObject
CoTaskMemFree
OleInitialize
OleUninitialize
StgCreateDocfileOnILockBytes
CoTaskMemAlloc
OleFlushClipboard
CoUninitialize
CoRevokeClassObject
CoRegisterMessageFilter
CLSIDFromProgID
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoInitialize
CoCreateInstance
CoFreeUnusedLibraries
OleIsCurrentClipboard
CLSIDFromString

user32

CallWindowProcW
IntersectRect
InvalidateRgn
GetNextDlgGroupItem
GetClassInfoW
GetWindowPlacement
IsWindow
RemovePropW
GetClientRect
SetForegroundWindow
GetNextDlgTabItem
CreateWindowExW
CharUpperW
GetPropW
SendDlgItemMessageA
GetClassLongW
AdjustWindowRectEx
GetMenu
WinHelpW
GetClassInfoExW
IsChild
GetMessageTime
RegisterClassW
MessageBeep
SetPropW
CharNextW
GetTopWindow
SetActiveWindow
MapWindowPoints
DefWindowProcW
EqualRect
OffsetRect
CopyAcceleratorTableW
RegisterWindowMessageW
IsRectEmpty
SetRect
IsIconic
GetMessagePos
InvalidateRect
GetForegroundWindow
UpdateWindow
LoadIconW
DestroyMenu

gdi32

PtVisible
SaveDC
GetViewportExtEx
GetRgnBox
GetObjectW
TextOutW
GetMapMode
SetViewportExtEx
OffsetViewportOrgEx
SetTextColor
RectVisible
SetViewportOrgEx
ScaleWindowExtEx
CreateBitmap
Escape
ExtTextOutW
GetDeviceCaps
GetClipBox
ScaleViewportExtEx
GetTextColor
SetBkColor
SetMapMode
GetBkColor
RestoreDC
DeleteDC
SetWindowExtEx
GetWindowExtEx
DeleteObject
SelectObject
GetStockObject
ExtSelectClipRgn
CreateRectRgnIndirect

kernel32

CreateMutexW
GetCalendarInfoA
GetCurrentProcessId
CreateFileW
EnumResourceLanguagesW
ReleaseMutex
LoadLibraryW
GetSystemDefaultLangID
WideCharToMultiByte
SizeofResource
ReadFile
GetFileAttributesW
FindNextFileW
GetACP
RemoveDirectoryW
InitializeCriticalSection
GetLocaleInfoA
GetThreadContext
DeleteFileW
FreeLibrary
GetProcAddress
ConvertDefaultLocale
RaiseException
SystemTimeToFileTime
EnumResourceNamesA
SetFileTime
WriteFile
GetVersion
FindClose
GetThreadLocale
lstrcpyW
MoveFileW
GetVersionExW
CloseHandle
LocalFileTimeToFileTime
WaitForSingleObject
GetModuleHandleW
InterlockedDecrement
lstrcmpiA
VirtualFree
GetLocaleInfoW
ExitProcess
FindFirstFileW
FindResourceW
InterlockedExchange
SetFilePointer
LockResource
MultiByteToWideChar
GetModuleFileNameW
GetCurrentDirectoryW
LoadResource
DeleteCriticalSection
CreateDirectoryW
lstrcmpA

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a889ea00862f6228bfd815930c10f1d4

Headers

File Characteristics

Imports

advapi32

winspool.drv

oledlg

comdlg32

shlwapi

ole32

user32

gdi32

kernel32

shell32

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 72KB - Virtual size: 71KB

.edata Size: 1024B - Virtual size: 244KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 72KB - Virtual size: 71KB

.edata
Size: 1024B - Virtual size: 244KB