da9b41a245f6fc97cd97e2495c4d69b5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

da9b41a245f6fc97cd97e2495c4d69b5_JaffaCakes118
Size

192KB
MD5

da9b41a245f6fc97cd97e2495c4d69b5
SHA1

7ffd97eda5d94034f148cee5af7ed876d43ac271
SHA256

c230c590a26283adf44cebb0883a61f153de51f63dc6e59cb0b377467af84ed8
SHA512

0ff070c1b910d64a13c4a68fb2ad334db9c5fff3b3c0294e30a9deea94c318f2a2da66b1086231ee56e27fe4dfc5da25f2d7f8386689c060d613244a2a739e84
SSDEEP

3072:SSDA9TNM2PEakZrGshz7BKLebz2AW/sMrT5lky686da:S0sTNM2PK3WLbsEc86

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da9b41a245f6fc97cd97e2495c4d69b5_JaffaCakes118

Files

da9b41a245f6fc97cd97e2495c4d69b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d26567df0e1c690e66fc31d6e43fd8a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassInfoExW
SetPropW
GetClassLongW
GetNextDlgGroupItem
CopyAcceleratorTableW
CharNextW
CreateWindowExW
WinHelpW
SendDlgItemMessageA
IsRectEmpty
CharUpperW
MessageBeep
RegisterWindowMessageW
SetRect
RemovePropW
InvalidateRect
GetPropW
GetNextDlgTabItem
InvalidateRgn
DestroyMenu

gdi32

ScaleWindowExtEx
GetBkColor
ScaleViewportExtEx
OffsetViewportOrgEx
GetStockObject
SetViewportOrgEx
SelectObject
RectVisible
GetDeviceCaps
GetTextColor
SetWindowExtEx
TextOutW
ExtSelectClipRgn
ExtTextOutW
DeleteDC
PtVisible
GetMapMode
Escape
GetRgnBox

kernel32

MoveFileW
LocalFileTimeToFileTime
GetCalendarInfoW
WideCharToMultiByte
ReadFile
LoadLibraryW
MultiByteToWideChar
DeleteFileW
GetThreadContext
ConvertDefaultLocale
GetCurrentDirectoryW
WriteFile
lstrcpyW
SetFilePointer
EnumResourceLanguagesW
GetCurrentProcessId
SetFileTime
CreateFileW
SystemTimeToFileTime
EnumResourceNamesA
InterlockedDecrement
GetFileAttributesW
ExitProcess
GetModuleFileNameW
GetSystemDefaultLangID
RemoveDirectoryW
CreateDirectoryW
FindNextFileW
GetLocaleInfoW
FindFirstFileW
GetVersion
FindClose
GetProcAddress

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
PathRemoveFileSpecW
PathAppendW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

ole32

CoTaskMemAlloc
OleIsCurrentClipboard
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleUninitialize
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoGetClassObject
CoInitialize
StgCreateDocfileOnILockBytes
CoTaskMemFree
CLSIDFromProgID
CoCreateInstance
OleInitialize
OleFlushClipboard
CoUninitialize
CoRevokeClassObject
CLSIDFromString

advapi32

RegDeleteKeyW
RegOpenKeyExW
RegQueryValueW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegCreateKeyExW
RegQueryInfoKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueExW

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d26567df0e1c690e66fc31d6e43fd8a3

Headers

File Characteristics

Imports

user32

gdi32

kernel32

oleacc

shlwapi

shell32

ole32

advapi32

Sections

.text Size: 111KB - Virtual size: 110KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 75KB - Virtual size: 75KB

.edata Size: 1024B - Virtual size: 116KB

.text
Size: 111KB - Virtual size: 110KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 75KB - Virtual size: 75KB

.edata
Size: 1024B - Virtual size: 116KB