bfefa5ba6421cb61ae63cff06aa5de3c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bfefa5ba6421cb61ae63cff06aa5de3c_JaffaCakes118
Size

704KB
MD5

bfefa5ba6421cb61ae63cff06aa5de3c
SHA1

1551b719aac851e4d63132a04ac1721ac2f1078b
SHA256

b8869f61039487835199dcbf5a2b758dabcfa7e621ea78fc0d78e5f47350576c
SHA512

a242387173e3611abb4f9c82717847656666068ac9c10f267d3bedfaa9c4afe20465662a451f56171671394aec27511bcac5033102ae8c934b3b3c2c9f911295
SSDEEP

12288:3Z4aftBbU1U3ER05bCl7JRtmjeC7UsyWDWOsM3Li+K893grplNRqh4t50H:3ZhU1UigmYjeNfM34Z4M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfefa5ba6421cb61ae63cff06aa5de3c_JaffaCakes118

Files

bfefa5ba6421cb61ae63cff06aa5de3c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98da5c5c7868dff591ae41ab0bfb0cbd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\fieelfljsy\bom\meqvg\usiwsreo\auettiea\lop.pdb

Imports

ole32

CreateItemMoniker
CreateBindCtx
CoGetClassObject
CoFreeUnusedLibraries
CLSIDFromProgID
OleIsCurrentClipboard
CreateDataAdviseHolder
CLSIDFromString
OleInitialize
StgOpenStorageOnILockBytes
OleFlushClipboard
RegisterDragDrop

comdlg32

GetFileTitleA
GetOpenFileNameA

comctl32

ImageList_GetIconSize
ImageList_Destroy
ImageList_GetIcon
ImageList_EndDrag
_TrackMouseEvent
ImageList_SetBkColor
ImageList_GetImageCount
ImageList_AddMasked
PropertySheetA
ImageList_GetImageInfo
DestroyPropertySheetPage
ImageList_DragMove
ImageList_Add
ImageList_Remove
InitCommonControlsEx
ImageList_LoadImageA
ImageList_Draw
ord17

user32

RegisterClassExW
ReleaseDC
TrackPopupMenu
SendDlgItemMessageA
PostMessageW
OffsetRect
MapDialogRect
MessageBeep
GetClipboardData
InflateRect
RegisterClassW
GetCursorPos
SetFocus

shell32

ord155
SHGetMalloc
SHGetPathFromIDListA
ExtractIconA
ShellExecuteA
DragAcceptFiles
SHBrowseForFolderA
Shell_NotifyIconA
DragFinish

winmm

waveInOpen
waveInReset
waveInPrepareHeader
waveOutReset
waveInUnprepareHeader
waveInAddBuffer
waveInStart
waveInClose
waveInGetNumDevs

kernel32

FindNextFileW
FlushFileBuffers
GetStartupInfoW
GetFileType
FreeLibrary
InterlockedDecrement
ReadFile
HeapSize
QueryPerformanceCounter
RtlUnwind
OutputDebugStringW
GetModuleFileNameW
GetOEMCP
GetLocaleInfoA
OpenMutexW
GetTimeZoneInformation
RaiseException
CompareStringA
HeapAlloc
GetStartupInfoA
GetModuleHandleA
GetProcAddress
GetCurrentThread
TlsGetValue
GetCurrentProcessId
ExitProcess
WriteFile
TlsAlloc
IsValidCodePage
GlobalLock
VirtualQuery
WideCharToMultiByte
HeapDestroy
GetUserDefaultLCID
MultiByteToWideChar
HeapReAlloc
GlobalFree
GetSystemTimeAsFileTime
CloseHandle
CreateFileA
DeleteFileW
GetTimeFormatA
GetVersionExW
GetModuleFileNameA
FreeEnvironmentStringsW
FindClose
CreateFileW
GetACP
GetConsoleCP
GetFullPathNameW
LeaveCriticalSection
FreeEnvironmentStringsA
GetConsoleMode
LCMapStringW
FindFirstFileW
TlsFree
VirtualFree
HeapCreate
LCMapStringA
SetLastError
SetHandleCount
WriteConsoleA
GetModuleHandleW
InterlockedIncrement
TerminateProcess
GetVersionExA
WriteConsoleW
LoadLibraryA
GetCPInfo
GetStringTypeA
UnhandledExceptionFilter
InitializeCriticalSection
GetCommandLineW
GetCurrentProcess
GetEnvironmentStringsW
VirtualAlloc
GetTickCount
SetEnvironmentVariableA
CreateProcessW
CreateDirectoryW
WaitForSingleObject
FatalAppExitA
GetFileSize
HeapFree
Sleep
GlobalAlloc
GetLocaleInfoW
CreateMutexW
GetProcessHeap
GetStdHandle
SetConsoleCtrlHandler
GetConsoleOutputCP
IsValidLocale
GetCurrentThreadId
SetStdHandle
SetEndOfFile
SetUnhandledExceptionFilter
GetDateFormatA
IsDebuggerPresent
GetEnvironmentStrings
CompareStringW
GetStringTypeW
InterlockedExchange
SetFilePointer
TlsSetValue
GetCommandLineA
DeleteCriticalSection
EnterCriticalSection
GlobalUnlock
GetLastError

advapi32

RegDeleteValueW
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
OpenSCManagerW
OpenServiceW
RegOpenKeyExW

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 460KB - Virtual size: 458KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98da5c5c7868dff591ae41ab0bfb0cbd

Headers

File Characteristics

PDB Paths

Imports

ole32

comdlg32

comctl32

user32

shell32

winmm

kernel32

advapi32

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 460KB - Virtual size: 458KB

.data Size: 100KB - Virtual size: 98KB

.rsrc Size: 48KB - Virtual size: 46KB

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 460KB - Virtual size: 458KB

.data
Size: 100KB - Virtual size: 98KB

.rsrc
Size: 48KB - Virtual size: 46KB