fd883dc34b2c3afbf0fe3f1eeff2b500_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fd883dc34b2c3afbf0fe3f1eeff2b500_JaffaCakes118
Size

190KB
MD5

fd883dc34b2c3afbf0fe3f1eeff2b500
SHA1

c722c57f4bc191d6c14d6213bbf1050017d7c1ac
SHA256

9a64280ad58f1ae64fa63369efea2e737cc17d7aed03bf78e77d059fc4d0a0d2
SHA512

6acedfb0435ee1d6ee1fd48af2885a785d8fad471a8ecb03150d9de9d6ffbd576c329f8382df509f8d6ff21e006cc06ea45725b8c41d78f0c9457f997667cd6d
SSDEEP

3072:lErJnhSUPAsJk3x5bn81ovAcB8sVBfWENCX/vYZnsTteoszOQJFrw+rHw:lEFnXP9Jgb8uB/VxNCPwsSzOurtbw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd883dc34b2c3afbf0fe3f1eeff2b500_JaffaCakes118

Files

fd883dc34b2c3afbf0fe3f1eeff2b500_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a711ab12d81df0a5339726fa46e80689

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
OleIsCurrentClipboard
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
CoRetireServer
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleUninitialize
CLSIDFromProgID
CoCreateInstance
CoGetClassObject
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
OleFlushClipboard
StgOpenStorageOnILockBytes
CLSIDFromString

kernel32

lstrcpyW
GetCalendarInfoW
SetFileTime
MoveFileW
GetVersion
GetModuleFileNameW
GetCurrentProcessId
InterlockedDecrement
DeleteFileW
ReadFile
FindFirstFileW
EnumResourceLanguagesW
SetFilePointer
GetSystemDefaultLangID
EnumResourceNamesA
SystemTimeToFileTime
CreateDirectoryW
MultiByteToWideChar
LoadLibraryW
RemoveDirectoryW
ExitProcess
ConvertDefaultLocale
GetFileAttributesW
GetLocaleInfoW
WriteFile
FindClose
FindNextFileW
CreateFileW
LocalFileTimeToFileTime
WideCharToMultiByte
GetCurrentDirectoryW
GetProcAddress

user32

CharUpperW
SetRect
GetNextDlgTabItem
SetPropW
WinHelpW
RegisterWindowMessageW
IsRectEmpty
MessageBeep
RemovePropW
GetNextDlgGroupItem
GetClassInfoExW
SendDlgItemMessageA
GetClassLongW
GetPropW
CreateWindowExW
CharNextW
InvalidateRgn
InvalidateRect
CopyAcceleratorTableW
DestroyMenu

gdi32

GetMapMode
SelectObject
GetDeviceCaps
PtVisible
ExtSelectClipRgn
DeleteDC
TextOutW
GetStockObject
Escape
RectVisible
OffsetViewportOrgEx
ExtTextOutW
ScaleWindowExtEx
ScaleViewportExtEx
GetBkColor
GetTextColor
SetViewportOrgEx
SetWindowExtEx
GetRgnBox

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathRemoveFileSpecW
PathFindExtensionW
PathStripToRootW
PathFindFileNameW
PathFileExistsW
PathIsUNCW
PathAppendW

advapi32

RegEnumKeyW
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueW
RegCloseKey
RegEnumKeyExW
RegOpenKeyW
RegSetValueExW
RegQueryValueExW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a711ab12d81df0a5339726fa46e80689

Headers

File Characteristics

Imports

ole32

kernel32

user32

gdi32

oleacc

shlwapi

advapi32

shell32

Sections

.text Size: 107KB - Virtual size: 107KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 77KB - Virtual size: 77KB

.edata Size: 1024B - Virtual size: 116KB

.text
Size: 107KB - Virtual size: 107KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 77KB - Virtual size: 77KB

.edata
Size: 1024B - Virtual size: 116KB