c010f4909d8881470ba595e93a2ce818_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c010f4909d8881470ba595e93a2ce818_JaffaCakes118
Size

205KB
MD5

c010f4909d8881470ba595e93a2ce818
SHA1

4afb769077b88ccae45790b547b9b07d6e8596e1
SHA256

7c0f8d4877190885830599b231b0b5d7343ed42e46b843ac9fbb3742f84edd2a
SHA512

6e12d3976d75c707e02d60343eca0a48d977a88e1a9c5ed816858087dd0bec560329edb8e0686e4b484e9c9c1685ca2385c2e0cb4eadb5380d5e8484f9ac1f3c
SSDEEP

6144:5VPB669z0+jaM3oqOO4rLZqw4Dw33/mAdBI:vh9bjaGoFc38dBI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c010f4909d8881470ba595e93a2ce818_JaffaCakes118

Files

c010f4909d8881470ba595e93a2ce818_JaffaCakes118
.exe windows:4 windows x86 arch:x86

087f3ed69beff8d68ab47b8ef0e84bc4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegDeleteKeyA
RegEnumValueA
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegEnumKeyA
RegQueryValueExA

ole32

CoCreateInstance
OleInitialize
OleUninitialize
CoTaskMemFree

user32

CheckDlgButton
IsWindowVisible
SetForegroundWindow
GetClientRect
LoadCursorA
CallWindowProcA
SendMessageTimeoutA
AppendMenuA
CharNextA
InvalidateRect
CloseClipboard
SetWindowPos
SetClassLongA
SendMessageA
SetTimer
EnableMenuItem
GetDlgItemTextA
DefWindowProcA
GetMessagePos
RegisterClassA
BeginPaint
SetDlgItemTextA
FindWindowExA
wsprintfA
GetSystemMenu
MessageBoxIndirectA
GetDlgItem
ShowWindow
SetCursor
SystemParametersInfoA
OpenClipboard
LoadImageA
CreateDialogParamA
DrawTextA
GetDC
DialogBoxParamA
EnableWindow
EndPaint
CreatePopupMenu
ExitWindowsEx
SetWindowLongA
ScreenToClient
IsWindowEnabled
SetClipboardData
CharPrevA
EmptyClipboard
GetWindowLongA
IsWindow
FillRect
DispatchMessageA
PostQuitMessage
PeekMessageA
TrackPopupMenu
GetWindowRect
DestroyWindow
SetWindowTextA
GetClassInfoA
LoadBitmapA
GetSysColor
GetSystemMetrics
CreateWindowExA
EndDialog

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

comctl32

ImageList_Destroy
ImageList_AddMasked

kernel32

GetVersionExA
GetLastError
GetEnvironmentVariableW
GetProcAddress
CompareStringW
lstrcmpiW
GetCurrentProcessId
GetCurrentProcess
TerminateProcess
GetProcessHeap
GetVersion
SetUnhandledExceptionFilter
QueryPerformanceCounter
WideCharToMultiByte
GetProcessVersion
Sleep
GetStringTypeExA
LoadLibraryA
ExitProcess
InterlockedCompareExchange
UnhandledExceptionFilter
FreeLibrary
GetEnvironmentVariableA
CompareStringA
GetThreadLocale
FormatMessageA
MultiByteToWideChar
GetLocaleInfoA
GetACP
GetStartupInfoA
lstrlenA
lstrlenW
GetStringTypeExW
IsDebuggerPresent
InterlockedExchange
lstrcmpiA
HeapAlloc
HeapFree

ddraw

DirectDrawCreate
DirectDrawEnumerateA
DirectDrawCreateEx

shell32

SHBrowseForFolderA
SHFileOperationA
ShellExecuteA
SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

gdi32

SetTextColor
CreateFontIndirectA
SetBkMode
SelectObject
DeleteObject
CreateBrushIndirect
GetDeviceCaps
SetBkColor

Sections

.text
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

087f3ed69beff8d68ab47b8ef0e84bc4

Headers

File Characteristics

Imports

advapi32

ole32

user32

version

comctl32

kernel32

ddraw

shell32

gdi32

Sections

.text Size: 131KB - Virtual size: 130KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 68KB - Virtual size: 67KB

.rsrc Size: 1024B - Virtual size: 244KB

.text
Size: 131KB - Virtual size: 130KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 68KB - Virtual size: 67KB

.rsrc
Size: 1024B - Virtual size: 244KB