d146c845ed83eb45478d6ad5046fd4bb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d146c845ed83eb45478d6ad5046fd4bb_JaffaCakes118
Size

176KB
MD5

d146c845ed83eb45478d6ad5046fd4bb
SHA1

f9745ac493ae33dfea4611137458d8ba9fc354c5
SHA256

631ef231081fae36c71573191f0bbb62e0244b45490ed2ca69fa5ad222743e28
SHA512

1ea96d15d987b1f6f678b22cf2571dc9d8f858ddb4ff5d769f60f15dc02b1114a1f3b03963c8b320932e40229906baacf6c749c9137728ceaf304fb116a95dac
SSDEEP

3072:PtAjuG0zKIaK0DTEBcFcYyyGfKsZJfmtvfZIe6C1YlPfT54LgkPaZnb5D2qjTivB:VAz0zKIx00uWaajm5xBXClXl7kYbZ2yC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d146c845ed83eb45478d6ad5046fd4bb_JaffaCakes118

Files

d146c845ed83eb45478d6ad5046fd4bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

828487c439a820c68f88395984ca5593

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

ole32

CreateBindCtx
MkParseDisplayName
PropVariantClear
CoGetContextToken

version

VerQueryValueA
VerFindFileA

oleaut32

SafeArrayUnaccessData
GetErrorInfo
SysFreeString
OleLoadPicture
SysReAllocStringLen
SafeArrayGetUBound
SafeArrayCreate
SysStringLen
SafeArrayPtrOfIndex

kernel32

GetStringTypeW
VirtualAlloc
GetModuleHandleA
ExitProcess
GetStdHandle
lstrlenA
GetStartupInfoA
GetStringTypeA
GetProcessHeap
GetOEMCP

shell32

SHGetDiskFreeSpaceA
SHGetFileInfoA
SHGetSpecialFolderLocation
DragQueryFileA

user32

GetClassLongA
LoadStringA
LoadKeyboardLayoutA
LoadCursorA
EnumWindows
MapWindowPoints
ScreenToClient
SendMessageA
UnregisterClassA
CallWindowProcA
IsWindowVisible
GetParent
KillTimer
SendMessageW
AdjustWindowRectEx
InflateRect
UnhookWindowsHookEx
IntersectRect
GetCursorPos
PtInRect
SetForegroundWindow
IsWindow
SetCapture
CharUpperBuffA
EnableScrollBar
SetWindowLongW
IsDialogMessageW
LoadBitmapA
DestroyCursor
EndPaint
GetScrollPos
IsCharUpperA
GetClientRect
ClientToScreen
GetWindowLongA
IsIconic
DrawFrameControl
DestroyWindow
WaitMessage
GetKeyboardLayoutList
RegisterClipboardFormatA
GetClassInfoA
DrawEdge
CharLowerBuffA
CreateWindowExA
GetActiveWindow
GetDCEx
GetSysColor
GetMessagePos
SetWindowPos
GetDlgItem
ChildWindowFromPoint
GetDC
InsertMenuA
GetForegroundWindow
GetIconInfo
GetPropA
GetKeyState
wsprintfA
FillRect
RegisterClassA
PostMessageA
DispatchMessageA
SetMenu
GetScrollInfo
GetWindowDC
SetPropA
SetScrollRange
GetWindow
DrawMenuBar
GetFocus
GetSystemMenu
RemovePropA
InvalidateRect
GetClassNameA
TranslateMDISysAccel
GetCursor
MessageBoxA
GetMenuStringA
TrackPopupMenu
SetWindowsHookExA
DefMDIChildProcA
ReleaseCapture
SetClassLongA
ShowWindow
GetMenuState
EnableWindow
GetKeyboardState
IsWindowUnicode
IsDialogMessageA
SetWindowPlacement
ReleaseDC
PostQuitMessage
DispatchMessageW
GetScrollRange
CreateIcon
MapVirtualKeyA
GetWindowTextLengthA
GetMenu
ScrollWindow
DrawTextA
MoveWindow
EqualRect
GetSystemMetrics
GetWindowLongW
GetKeyboardLayout
GetTopWindow
GetWindowTextA
CharToOemA
GetSubMenu
GetDesktopWindow
WindowFromPoint
TranslateMessage
GetWindowPlacement

advapi32

RegCreateKeyExA
RegDeleteValueA
RegOpenKeyA
RegEnumValueA

comdlg32

GetFileTitleA

gdi32

GetClipBox
SetTextColor
GetTextColor

msvcrt

sprintf
wcstol
swprintf
tolower
rand

comctl32

ImageList_Draw
ImageList_Destroy
ImageList_Create
ImageList_Add
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_Remove

Exports

Exports

23F
R
0wg@20

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 415B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

828487c439a820c68f88395984ca5593

Headers

File Characteristics

Imports

ole32

version

oleaut32

kernel32

shell32

user32

advapi32

comdlg32

gdi32

msvcrt

comctl32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 143KB - Virtual size: 199KB

.tls Size: 512B - Virtual size: 415B

.rdata Size: 1KB - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 143KB - Virtual size: 199KB

.tls
Size: 512B - Virtual size: 415B

.rdata
Size: 1KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 15KB - Virtual size: 15KB