d20db46ef899ce3dda9236cc0b7e7929_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d20db46ef899ce3dda9236cc0b7e7929_JaffaCakes118
Size

376KB
MD5

d20db46ef899ce3dda9236cc0b7e7929
SHA1

4e67f97ca9d3a78a87e0e4d878913915a585a1af
SHA256

711285fd248a2f0641bf017d8f4bd85efb9f81cf895ebd006947aa07c3ccbcfc
SHA512

a122a380edd27236e12454908443cb1a99b95491fceb40656660e0832e4f1c79f247bb52ce2232ed9b423339b3120b6e3b382c9c7ac20ca7eeb6670f99c46794
SSDEEP

6144:8Xfp6v10XVgXmml8O9vOupZ7jsVepmThw2iiVie/s4Z4a01:W4GXVg2m28Wun7jlIThw2iiAe/s4Z4aQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d20db46ef899ce3dda9236cc0b7e7929_JaffaCakes118

Files

d20db46ef899ce3dda9236cc0b7e7929_JaffaCakes118
.exe windows:4 windows x86 arch:x86

75bbd2860f8303f22bdeee43d8afffa9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromIID
StgOpenStorage
CoTaskMemFree

comdlg32

GetOpenFileNameA

oleaut32

VariantCopyInd
GetErrorInfo
SysStringLen
SafeArrayUnaccessData

user32

LoadIconA
RemoveMenu
LoadBitmapA
MessageBoxA
MapWindowPoints
PtInRect
PostQuitMessage
LoadStringA
RegisterWindowMessageA
OffsetRect
OemToCharA
LoadCursorA
ReleaseCapture
LoadKeyboardLayoutA
PostMessageA
ScrollWindow
SendMessageA
RegisterClassA
PeekMessageA
OpenClipboard
MessageBeep
ReleaseDC
SetActiveWindow
RegisterClipboardFormatA
PeekMessageW
RedrawWindow
ScreenToClient
SendMessageW
MapVirtualKeyA
RemovePropA

comctl32

ImageList_Create
ImageList_GetBkColor
ImageList_Add
ImageList_Write

shlwapi

SHEnumValueA
SHDeleteKeyA

gdi32

SetBkColor
CreateDIBitmap
GetClipBox
CreatePalette
GetBitmapBits
CreatePenIndirect
GetCurrentPositionEx
GetDIBits
SetBkMode
CreateFontIndirectA

version

VerQueryValueA
GetFileVersionInfoA
VerFindFileA

kernel32

WideCharToMultiByte
GetVersionExA
GetModuleHandleA
MoveFileA
LoadLibraryA
MoveFileExA
lstrcmpiA
lstrcpynA
lstrlenA
MulDiv
lstrcatA
ExitThread
GetProcAddress
LocalReAlloc
VirtualAlloc
LoadLibraryExA
LocalAlloc
LocalFree
GlobalAlloc
lstrlenW
GetCommandLineA
lstrcmpA
VirtualFree
VirtualAllocEx
VirtualQuery
ExitProcess
IsBadReadPtr
WaitForSingleObject
HeapDestroy
SizeofResource
GetCommandLineW
WriteFile
lstrcpyA

advapi32

RegEnumKeyA

shell32

SHGetSpecialFolderLocation

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 867B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc7
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc0
Size: 464B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc6
Size: 39B - Virtual size: 39B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc9
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 976B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75bbd2860f8303f22bdeee43d8afffa9

Headers

File Characteristics

Imports

ole32

comdlg32

oleaut32

user32

comctl32

shlwapi

gdi32

version

kernel32

advapi32

shell32

Sections

.text Size: 72KB - Virtual size: 72KB

DATA Size: 867B - Virtual size: 867B

.rsrc7 Size: 1KB - Virtual size: 1KB

.rsrc0 Size: 464B - Virtual size: 464B

.rsrc6 Size: 39B - Virtual size: 39B

.rsrc2 Size: 3KB - Virtual size: 3KB

.rsrc9 Size: 268KB - Virtual size: 268KB

.rsrc Size: 976B - Virtual size: 976B

.text
Size: 72KB - Virtual size: 72KB

DATA
Size: 867B - Virtual size: 867B

.rsrc7
Size: 1KB - Virtual size: 1KB

.rsrc0
Size: 464B - Virtual size: 464B

.rsrc6
Size: 39B - Virtual size: 39B

.rsrc2
Size: 3KB - Virtual size: 3KB

.rsrc9
Size: 268KB - Virtual size: 268KB

.rsrc
Size: 976B - Virtual size: 976B