be5fd23677e3f45d5a32e39f928e3566_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

be5fd23677e3f45d5a32e39f928e3566_JaffaCakes118
Size

158KB
MD5

be5fd23677e3f45d5a32e39f928e3566
SHA1

c680e5d05d24acb7a3b68198ce565e4bda2327d9
SHA256

dc78def3c331c5bbb81616a4dca35267bfbf7f5807b03deb9ae6e2a98092fe3f
SHA512

42e8cf34ad186e178f33e6e8c603edbb11c26dc4df5d9d6dd1fb227c3dc084cd50fe38c1665977b656ee4d8231a6c37dab00834e38697b5852b917bc0da8036f
SSDEEP

3072:3ARAEzUI3AOGfte0D9P9HjT0rIm7f1dZJZgJIK/JyknVMmk:3ARdb3NGfYm9VTwImJdEX/8ks

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be5fd23677e3f45d5a32e39f928e3566_JaffaCakes118

Files

be5fd23677e3f45d5a32e39f928e3566_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9e36d5e1cceea0330fdd26492ec00ae2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetStockObject
SetTextColor
CreateFontIndirectA
DeleteObject
GetDeviceCaps
SetBkColor
SelectObject
GetTextMetricsA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc

user32

SendMessageA
CreateWindowExA
GetWindowLongA
MessageBoxA
CharNextA
DispatchMessageA
PeekMessageA
PostMessageA
PackDDElParam
DestroyWindow
CharPrevA
UpdateWindow
SetWindowTextA
BeginPaint
GetClientRect
EndPaint
DrawTextA
OffsetRect
IsWindow
PostQuitMessage
FindWindowA
GetSystemMetrics
ShowCursor
GetDC
ShowWindow
MoveWindow
ReleaseDC
BringWindowToTop
GetMessageA
TranslateMessage
LoadCursorA
SetFocus
wvsprintfA
InvalidateRect
LoadIconA
LoadStringA
wsprintfA
ExitWindowsEx
CharUpperA
RegisterClassA
UnpackDDElParam
DefWindowProcA
UnregisterClassA

comdlg32

GetOpenFileNameA

advapi32

AdjustTokenPrivileges
RegEnumKeyExA
OpenProcessToken
RegCloseKey
LookupPrivilegeValueA
RegSetValueExA
RegCreateKeyA
RegQueryInfoKeyA
RegOpenKeyExA
RegQueryValueExA

ole32

CoUninitialize
OleInitialize
OleUninitialize
CoCreateInstance
CoInitialize

oleaut32

LoadTypeLi
SysAllocStringLen
VariantChangeTypeEx
VariantClear
VariantTimeToDosDateTime
RegisterTypeLi

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerInstallFileA

kernel32

Sleep
GlobalFree
GlobalAlloc
SetFilePointer
GetACP
CreateFileA
LCMapStringW
LCMapStringA
GetCPInfo
VirtualAlloc
VirtualFree
GetCurrentProcessId
HeapDestroy
SetStdHandle
HeapCreate
SetHandleCount
SetEndOfFile
GetStdHandle
GetStartupInfoA
GetCommandLineA
GetLocalTime
GetSystemTime
GetCurrentDirectoryA
HeapFree
HeapAlloc
GetTimeZoneInformation
ExitProcess
FileTimeToLocalFileTime
TerminateProcess
GetFileType
FileTimeToSystemTime
GetFileAttributesA
GetVersionExA
GetVersion
GetSystemDirectoryA
DosDateTimeToFileTime
HeapReAlloc
LocalFree
GetWindowsDirectoryA
LocalFileTimeToFileTime
SetFileTime
GetModuleHandleA
GetDriveTypeA
SetErrorMode
LoadLibraryA
GetProcAddress
CreateProcessA
FreeLibrary
FlushFileBuffers
SetEnvironmentVariableA
CompareStringW
GetStringTypeW
GetStringTypeA
RtlUnwind
GetEnvironmentStringsW
GlobalAddAtomA
LocalAlloc
GlobalDeleteAtom
_lclose
GetFileSize
GetPrivateProfileStringA
LocalLock
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
lstrcatA
lstrcpyA
lstrlenA
lstrcmpiA
SetFileAttributesA
CopyFileA
GetModuleFileNameA
OpenFile
FindClose
IsDBCSLeadByte
WriteFile
CloseHandle
FindFirstFileA
_lread
_lwrite
LocalUnlock
DeleteFileA
MoveFileA
GetExitCodeProcess
GetFullPathNameA
lstrcpynA
GlobalUnlock
GlobalLock
GlobalFindAtomA
GetShortPathNameA
MoveFileExA
MultiByteToWideChar
WideCharToMultiByte
CompareStringA
ReadFile
GetTempFileNameA
RemoveDirectoryA
GetLastError
CreateDirectoryA
GetTempPathA
GetCurrentProcess

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9e36d5e1cceea0330fdd26492ec00ae2

Headers

File Characteristics

Imports

gdi32

shell32

user32

comdlg32

advapi32

ole32

oleaut32

version

kernel32

Sections

.text Size: 98KB - Virtual size: 98KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 14KB - Virtual size: 45KB

.rsrc Size: 37KB - Virtual size: 40KB

.text
Size: 98KB - Virtual size: 98KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 14KB - Virtual size: 45KB

.rsrc
Size: 37KB - Virtual size: 40KB