f97be49a29ad81f9f160b4cd832d97e4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f97be49a29ad81f9f160b4cd832d97e4_JaffaCakes118
Size

158KB
MD5

f97be49a29ad81f9f160b4cd832d97e4
SHA1

973ffd85b61725c8969ca7fe8db443b5ebc7d2e0
SHA256

74e0182bd9b024de87f6cd148ee78b7621c0126d1890357c2c3ac1553743be94
SHA512

3ff30789f9cc3d595ab6c9b0d9d0a2ebf2c63f1f41c997bf9c299e7f690e6d292094620d8c31a6ad97b7decad9a1b8841d71758205e908b5aa6bb135af940c89
SSDEEP

3072:kH1MYj9OafSwE7dWDRL7EPou77xbGuGvZJZgUbs/JRY7n:kH1jMaf3udc7couhWZI/g7n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f97be49a29ad81f9f160b4cd832d97e4_JaffaCakes118

Files

f97be49a29ad81f9f160b4cd832d97e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4159a9ccafdc9e418bec02d791aa5942

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetTextColor
GetStockObject
CreateFontIndirectA
DeleteObject
GetDeviceCaps
SetBkColor
SelectObject
GetTextMetricsA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc

user32

CreateWindowExA
GetWindowLongA
UpdateWindow
DefWindowProcA
DispatchMessageA
MessageBoxA
CharNextA
PackDDElParam
PeekMessageA
PostMessageA
UnregisterClassA
DestroyWindow
SendMessageA
BeginPaint
CharPrevA
DrawTextA
GetClientRect
SetWindowTextA
PostQuitMessage
OffsetRect
EndPaint
ShowCursor
FindWindowA
IsWindow
MoveWindow
GetDC
GetSystemMetrics
GetMessageA
ReleaseDC
ShowWindow
SetFocus
TranslateMessage
BringWindowToTop
LoadIconA
wvsprintfA
LoadCursorA
ExitWindowsEx
LoadStringA
InvalidateRect
UnpackDDElParam
CharUpperA
wsprintfA
RegisterClassA

comdlg32

GetOpenFileNameA

advapi32

RegEnumKeyExA
SetFileSecurityA
RegCreateKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
GetFileSecurityA
RegCloseKey
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
OpenProcessToken
RegOpenKeyExA

ole32

CoUninitialize
OleInitialize
OleUninitialize
CoCreateInstance
CoInitialize

oleaut32

LoadTypeLi
SysAllocStringLen
VariantChangeTypeEx
VariantClear
VariantTimeToDosDateTime
RegisterTypeLi

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerInstallFileA

kernel32

OpenFile
GlobalFree
GlobalAlloc
SetFilePointer
GetACP
CreateFileA
LCMapStringW
LCMapStringA
GetCPInfo
VirtualAlloc
VirtualFree
GetCurrentProcessId
HeapDestroy
SetStdHandle
HeapCreate
SetHandleCount
SetEndOfFile
GetStdHandle
GetStartupInfoA
GetCommandLineA
GetLocalTime
GetSystemTime
GetCurrentDirectoryA
HeapFree
HeapAlloc
GetTimeZoneInformation
ExitProcess
FileTimeToLocalFileTime
TerminateProcess
GetFileType
FileTimeToSystemTime
GetFileAttributesA
GetVersionExA
GetVersion
HeapReAlloc
LocalFree
LocalAlloc
GetSystemDirectoryA
DosDateTimeToFileTime
GetWindowsDirectoryA
SetFileTime
GetModuleHandleA
LocalFileTimeToFileTime
SetErrorMode
LoadLibraryA
GetDriveTypeA
GetProcAddress
FreeLibrary
FlushFileBuffers
SetEnvironmentVariableA
CompareStringW
GetStringTypeW
GetStringTypeA
RtlUnwind
GetEnvironmentStringsW
GlobalAddAtomA
_lwrite
GlobalDeleteAtom
_lclose
GetFileSize
GetPrivateProfileStringA
LocalLock
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
lstrcatA
lstrcpyA
lstrlenA
lstrcmpiA
SetFileAttributesA
CopyFileA
GetModuleFileNameA
FindClose
Sleep
IsDBCSLeadByte
WriteFile
CloseHandle
FindFirstFileA
_lread
CreateProcessA
LocalUnlock
DeleteFileA
MoveFileA
GetExitCodeProcess
GetFullPathNameA
lstrcpynA
GlobalUnlock
GlobalLock
GlobalFindAtomA
GetShortPathNameA
MoveFileExA
MultiByteToWideChar
WideCharToMultiByte
CompareStringA
ReadFile
GetTempFileNameA
RemoveDirectoryA
GetLastError
CreateDirectoryA
GetTempPathA
GetCurrentProcess

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4159a9ccafdc9e418bec02d791aa5942

Headers

File Characteristics

Imports

gdi32

shell32

user32

comdlg32

advapi32

ole32

oleaut32

version

kernel32

Sections

.text Size: 98KB - Virtual size: 98KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 14KB - Virtual size: 45KB

.rsrc Size: 37KB - Virtual size: 40KB

.text
Size: 98KB - Virtual size: 98KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 14KB - Virtual size: 45KB

.rsrc
Size: 37KB - Virtual size: 40KB