d9fb2759150f599cb4fa6e7059d42413_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d9fb2759150f599cb4fa6e7059d42413_JaffaCakes118
Size

185KB
MD5

d9fb2759150f599cb4fa6e7059d42413
SHA1

398cda0a7d29a14f2767f3bc9cdba7f8e23cb82e
SHA256

1aac4aa8e4a2e6db531c5aa4a4151f7d56b56a25cb2df2b346d0956341a554f8
SHA512

947d6065a85bffac64fea43eb4923f4b60e3d380a33e7067bd50e2d72b81dfe66f75bfff80b45c52271a37ebe009e798bd87796787b695683c2d5b840a02ebf2
SSDEEP

3072:pLNmKrY2wW7KultckLEael5a00ciGS6725W8ZRfCdzvFVK6/U8WRG5OXc:x1rN37KYtc1Nl5aYMi20SCNvn/iRAO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9fb2759150f599cb4fa6e7059d42413_JaffaCakes118

Files

d9fb2759150f599cb4fa6e7059d42413_JaffaCakes118
.exe windows:4 windows x86 arch:x86

710af98167fc3c9fdafb160e83217262

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgCreateDocfileOnILockBytes
CoGetClassObject
OleFlushClipboard
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
CoRegisterMessageFilter
OleIsCurrentClipboard
CoInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
CoUninitialize
CLSIDFromProgID
OleInitialize
CoCreateInstance
OleUninitialize
CLSIDFromString

gdi32

GetMapMode
PtVisible
TextOutW
ExtSelectClipRgn
RectVisible
SelectObject
ExtTextOutW
ScaleViewportExtEx
SetViewportOrgEx
DeleteDC
Escape
GetDeviceCaps
SetWindowExtEx
GetBkColor
GetStockObject
OffsetViewportOrgEx
ScaleWindowExtEx
GetTextColor
GetRgnBox

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

advapi32

RegEnumKeyExW
RegCreateKeyExW
RegQueryValueW
RegDeleteKeyW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegQueryInfoKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueExW

kernel32

InterlockedDecrement
SetFileTime
GetCalendarInfoW
FindFirstFileW
GetFileAttributesW
CreateFileW
lstrcpyW
SetFilePointer
GetThreadContext
GetCurrentDirectoryW
WideCharToMultiByte
FindClose
RemoveDirectoryW
LoadLibraryW
GetVersion
MultiByteToWideChar
GetSystemDefaultLangID
GetModuleFileNameW
SystemTimeToFileTime
EnumResourceNamesA
DeleteFileW
EnumResourceLanguagesW
ExitProcess
GetCurrentProcessId
CreateDirectoryW
ReadFile
FindNextFileW
LocalFileTimeToFileTime
WriteFile
GetLocaleInfoW
ConvertDefaultLocale
MoveFileW
GetProcAddress

shlwapi

PathFileExistsW
PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathAppendW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

SetPropW
RemovePropW
GetNextDlgTabItem
CopyAcceleratorTableW
GetClassLongW
CreateWindowExW
SendDlgItemMessageA
InvalidateRect
CharUpperW
CharNextW
RegisterWindowMessageW
GetNextDlgGroupItem
GetPropW
WinHelpW
IsRectEmpty
GetClassInfoExW
InvalidateRgn
SetRect
MessageBeep
DestroyMenu

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

710af98167fc3c9fdafb160e83217262

Headers

File Characteristics

Imports

ole32

gdi32

shell32

advapi32

kernel32

shlwapi

oleacc

user32

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 72KB - Virtual size: 71KB

.edata Size: 1024B - Virtual size: 244KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 72KB - Virtual size: 71KB

.edata
Size: 1024B - Virtual size: 244KB