e17a9937cb0314c22aeba5804727151f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e17a9937cb0314c22aeba5804727151f_JaffaCakes118
Size

1.6MB
MD5

e17a9937cb0314c22aeba5804727151f
SHA1

7664cd1fbc1f8e68f9d93804e33cc508ef782ddd
SHA256

d9f3cf9f073e02d14f819cd44aaee9eff2da0fdbeef50c964902c690b64e28d6
SHA512

e3cf44d50c57be8778a890cda4e45f5b0e70a9eb0f8f9eb8e57a197a962cedd87980b9ce73bf4e803d1fee0bf3cc9f4a585bf8de7da3b693335269e32cb88a73
SSDEEP

49152:2I0C+zCYncpV+zOM7jyvFdnMCQOXkq+lh7nLF0Xd:ICmCcc6CDNQO0q+3bLy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e17a9937cb0314c22aeba5804727151f_JaffaCakes118

Files

e17a9937cb0314c22aeba5804727151f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf48248daba76152d8b5cff460452c87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

ole32

PropVariantClear
CoGetContextToken
CLSIDFromString
WriteClassStm
CoUninitialize
CLSIDFromProgID
CreateStreamOnHGlobal
CreateOleAdviseHolder

comctl32

ImageList_Destroy

shell32

SHGetFileInfoA
SHFileOperationA

kernel32

GlobalDeleteAtom
GlobalAddAtomA
lstrlenA
VirtualAllocEx
GlobalFindAtomA
GetCurrentThreadId
GetVersionExA

user32

DrawEdge
IsZoomed
UnregisterClassA
DestroyIcon
IntersectRect
EnumThreadWindows
LoadIconA
IsCharUpperA
DispatchMessageA
GetForegroundWindow
GetIconInfo
CreatePopupMenu
GetActiveWindow
ReleaseCapture
GetSystemMenu
GetCapture
SetCursor
MapVirtualKeyA
GetKeyboardState
GetMessagePos
EndPaint
MessageBoxA
IsWindowEnabled
IsDialogMessageW
CreateMenu
PeekMessageW
DrawIconEx
LoadBitmapA
SetMenu
GetWindowPlacement
GetClipboardData
GetMenuState
SetWindowPlacement
LoadKeyboardLayoutA
GetScrollPos
OemToCharA
EnableWindow
CharLowerBuffA
GetKeyboardLayoutList
SetWindowLongW
RegisterClassA
TrackPopupMenu
DestroyMenu
CreateWindowExA
InvalidateRect
wsprintfA
FrameRect
GetMenu
CharLowerA
SetRect
SetWindowLongA
DestroyCursor
DispatchMessageW
SetCapture
GetWindowDC
GetCursor
DrawMenuBar
CharToOemA
DeleteMenu
DestroyWindow
TranslateMessage
GetWindowThreadProcessId
RegisterWindowMessageA
CharUpperBuffA
RegisterClipboardFormatA
DrawAnimatedRects
SetTimer
SetClassLongA
PostMessageA
RedrawWindow
EqualRect
GetMenuItemCount
RemovePropA
IsWindow
DefFrameProcA
TranslateMDISysAccel
CharUpperA
GetSubMenu
SetPropA
GetMenuStringA
UnhookWindowsHookEx
GetWindowLongA
GetWindowLongW
SetForegroundWindow
ReleaseDC
SendMessageW
SetWindowsHookExA
GetDC
WindowFromPoint
CallNextHookEx
MapWindowPoints
PtInRect
CharNextW
GetMenuItemID
GetKeyboardLayoutNameA
DefWindowProcA
SetParent
FillRect
InsertMenuItemA
GetScrollRange
GetParent
GetDlgItem
GetClassInfoA
EmptyClipboard
InsertMenuA
UpdateWindow
IsIconic
CloseClipboard
GetWindowTextLengthA
EnableScrollBar
AdjustWindowRectEx
MsgWaitForMultipleObjects
WaitMessage
MessageBeep
GetWindowRect
GetKeyState
GetTopWindow
CreateIcon
ScreenToClient
ShowScrollBar
GetSysColor
IsChild
GetSysColorBrush
BeginPaint
GetLastActivePopup
GetDCEx
InflateRect
OffsetRect
SetClipboardData
RemoveMenu
SetFocus
KillTimer
FindWindowA
ShowWindow
CallWindowProcA
DrawTextA
ChildWindowFromPoint
GetPropA
DefMDIChildProcA
GetScrollInfo
SetMenuItemInfoA
ClientToScreen
SetScrollInfo
GetCursorPos
PostQuitMessage
CheckMenuItem
GetFocus
SetWindowTextA
DrawIcon
GetKeyNameTextA
GetSystemMetrics
IsDialogMessageA
SystemParametersInfoA
GetKeyboardLayout
CharNextA
EnumWindows
IsWindowUnicode
GetWindow
DrawFrameControl
SetActiveWindow
GetMenuItemInfoA
MoveWindow
SetScrollPos

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
FindTextA

advapi32

GetLengthSid
RegOpenKeyExA

version

VerInstallFileA
VerQueryValueA

msvcrt

tolower
exit
atol
_acmdln
sqrt
srand
calloc
memset
sprintf
clock
rand
memcpy

oleaut32

SysStringLen
SafeArrayGetUBound
SafeArrayUnaccessData
VariantCopyInd
SafeArrayGetElement
SysFreeString
OleLoadPicture
SafeArrayPtrOfIndex

shlwapi

PathIsContentTypeA
PathFileExistsA
PathIsDirectoryA
SHSetValueA

Exports

Exports

cS@4

Sections

.text
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf48248daba76152d8b5cff460452c87

Headers

File Characteristics

Imports

ole32

comctl32

shell32

kernel32

user32

comdlg32

advapi32

version

msvcrt

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 12KB

DATA Size: 1.6MB - Virtual size: 1.6MB

.edata Size: 2KB - Virtual size: 4.2MB

.idata Size: 7KB - Virtual size: 8KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.bss Size: 2KB - Virtual size: 4KB

.rsrc Size: 18KB - Virtual size: 20KB

.text
Size: 10KB - Virtual size: 12KB

DATA
Size: 1.6MB - Virtual size: 1.6MB

.edata
Size: 2KB - Virtual size: 4.2MB

.idata
Size: 7KB - Virtual size: 8KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.bss
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 18KB - Virtual size: 20KB