fae80c74bcf3dfcaed97ab40c5c568c1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fae80c74bcf3dfcaed97ab40c5c568c1_JaffaCakes118
Size

176KB
MD5

fae80c74bcf3dfcaed97ab40c5c568c1
SHA1

99a1a388e461bffcc3b2c4bc48feaa8b4f4001f3
SHA256

f8594e2cc508c102e2f4c701d2fd74b45ab0fca87455a971b9742ed73dc3e274
SHA512

570dbfefa6e13fc669577741fd302832b9f9f471d8f6d469827b01577a80f848c6153de4295d7cc67b23f6b75017406732d392f371ae26521c25dcfc15793c12
SSDEEP

3072:ZmjUGyy1FbGOQS5ZRBLfur6BS28rSe2bxdvKTMJBsiSMAd0kfaCX/MO4X:CUcJBurySFrtKxdvKIBsnXd0kjMO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fae80c74bcf3dfcaed97ab40c5c568c1_JaffaCakes118

Files

fae80c74bcf3dfcaed97ab40c5c568c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7140b7e267bd53fe5d0a74394704e5fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegEnumKeyW
RegOpenKeyW
RegDeleteKeyW
RegQueryInfoKeyW
RegOpenKeyExW
RegQueryValueW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegQueryValueExW

comdlg32

GetFileTitleW

kernel32

LoadLibraryW
GetCalendarInfoW
DeleteCriticalSection
LocalFileTimeToFileTime
DeleteFileW
WriteFile
WaitForSingleObject
FindResourceW
CreateMutexW
FreeLibrary
GetLocaleInfoW
GetModuleFileNameW
GetVersionExW
GetACP
GetThreadContext
EnumResourceLanguagesW
CreateDirectoryW
VirtualFree
RaiseException
ConvertDefaultLocale
GetCurrentProcessId
LoadResource
LockResource
CreateFileW
SetFileTime
GetFileAttributesW
EnumResourceNamesA
MoveFileW
GetSystemDefaultLangID
FindFirstFileW
InterlockedDecrement
GetVersion
lstrcpyW
ReleaseMutex
SizeofResource
SystemTimeToFileTime
ExitProcess
GetModuleHandleW
FindNextFileW
GetProcAddress
GetCurrentDirectoryW
ReadFile
CloseHandle
WideCharToMultiByte
InterlockedExchange
GetLocaleInfoA
GetThreadLocale
InitializeCriticalSection
RemoveDirectoryW
MultiByteToWideChar
lstrcmpiA
SetFilePointer
FindClose
lstrcmpA

user32

CharNextW
MessageBeep
GetPropW
GetMessagePos
IsChild
GetMessageTime
SetPropW
SendDlgItemMessageA
GetTopWindow
CallWindowProcW
IsWindow
GetClientRect
SetActiveWindow
InvalidateRect
WinHelpW
RegisterWindowMessageW
UpdateWindow
MapWindowPoints
DefWindowProcW
RemovePropW
GetMenu
GetClassLongW
CopyAcceleratorTableW
IntersectRect
GetWindowPlacement
CreateWindowExW
GetForegroundWindow
GetClassInfoExW
GetNextDlgGroupItem
CharUpperW
GetNextDlgTabItem
OffsetRect
RegisterClassW
EqualRect
LoadIconW
IsRectEmpty
GetClassInfoW
IsIconic
SetRect
AdjustWindowRectEx
SetForegroundWindow
InvalidateRgn
DestroyMenu

ole32

CoRegisterMessageFilter
CoUninitialize
CoCreateInstance
CoGetClassObject
OleFlushClipboard
OleUninitialize
CoRevokeClassObject
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CoInitialize
StgCreateDocfileOnILockBytes
CoTaskMemFree
OleIsCurrentClipboard
OleInitialize
CLSIDFromProgID
CLSIDFromString

oledlg

OleUIBusyW

gdi32

SaveDC
GetStockObject
ScaleWindowExtEx
GetViewportExtEx
SetViewportExtEx
DeleteDC
SetViewportOrgEx
SetMapMode
GetObjectW
SetBkColor
ScaleViewportExtEx
GetBkColor
GetMapMode
TextOutW
Escape
OffsetViewportOrgEx
GetDeviceCaps
DeleteObject
GetClipBox
PtVisible
SelectObject
SetTextColor
GetTextColor
CreateBitmap
RectVisible
GetRgnBox
ExtTextOutW
SetWindowExtEx
ExtSelectClipRgn
RestoreDC
GetWindowExtEx
CreateRectRgnIndirect

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

shlwapi

PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathFileExistsW
PathIsUNCW
PathRemoveFileSpecW
PathAppendW

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7140b7e267bd53fe5d0a74394704e5fe

Headers

File Characteristics

Imports

advapi32

comdlg32

kernel32

user32

ole32

oledlg

gdi32

shell32

winspool.drv

shlwapi

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 69KB - Virtual size: 69KB

.edata Size: 1024B - Virtual size: 92KB

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 69KB - Virtual size: 69KB

.edata
Size: 1024B - Virtual size: 92KB