feea43d06a623a3a997eb07398800b46_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

feea43d06a623a3a997eb07398800b46_JaffaCakes118
Size

272KB
MD5

feea43d06a623a3a997eb07398800b46
SHA1

e91f90b62226ffaa14777f698b8d40e143f096ff
SHA256

bd19fde4338f0bb82977b428458093dcc8436fd9682946d3d312169fdf426fe0
SHA512

dbe0d220079623791009a8f30b0166dab1b67254568e9ef12e6b9d0b2a9daf99a504b7ecb95d2d4fd461bd3c066f7cb0353ed9193e287c69f8324fd0f067b16c
SSDEEP

6144:tiQPIzaAN0bLWmJKB/o6JBfq/U19OTnsZThFhpdhpziWxbxMAr:LIeAN0H3CdJBCc15vhPhpeWxbiA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
feea43d06a623a3a997eb07398800b46_JaffaCakes118

Files

feea43d06a623a3a997eb07398800b46_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bbe0fd8091a10670f823eec4e726cf04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
GlobalLock
VirtualFree
GetModuleFileNameW
FindClose
SetCurrentDirectoryW
GetLogicalDrives
QueryDosDeviceW
SuspendThread
DeleteFileW
WideCharToMultiByte
FindResourceW
GetTickCount
DuplicateHandle
CreateProcessW
SetFilePointer
MulDiv
GetCurrentThread
Sleep
GetVersion
CreateThread
GetFileAttributesW
WritePrivateProfileStringW
CloseHandle
SizeofResource
FindResourceExW
MultiByteToWideChar
ReadFile
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualProtect
FileTimeToSystemTime
GlobalAddAtomW
LockResource
VirtualAlloc
SetLastError
GetDriveTypeW
SetWaitableTimer
SetThreadPriority
WaitForSingleObject
GetProcAddress
FreeLibrary
GetPrivateProfileStringW
GetCurrentProcessId
CreateWaitableTimerW
FreeResource
CancelWaitableTimer
GetLastError
FindNextFileW
ResetEvent
GetLocalTime
CreateEventW
GetFileSize
lstrlenW
GlobalUnlock
TerminateThread
LoadResource
GlobalDeleteAtom
InterlockedDecrement

user32

GetWindowDC
PostThreadMessageW
InvalidateRect
AppendMenuW
CreatePopupMenu
WindowFromPoint
LoadImageW
SetCursorPos
IsDlgButtonChecked
GetClassNameW
SystemParametersInfoW
SendMessageW
ReleaseCapture
OffsetRect
DestroyIcon
GetWindowRect
RegisterHotKey
SetWindowTextW
EndDialog
SendDlgItemMessageW
RedrawWindow
RegisterClassExW
SetCursor
TranslateMessage
GetWindowTextW
DispatchMessageW
SetDlgItemTextW
UpdateWindow
VkKeyScanW
SetCapture
DrawTextW
LoadIconW
SetForegroundWindow
wsprintfW
EnableWindow

gdi32

CreateSolidBrush
SetTextColor
SetBkMode
MoveToEx
DeleteDC
CreateCompatibleDC
CreateFontIndirectW
SelectObject
CreateICW
DPtoLP
BitBlt
GetMapMode
SetMapMode
Rectangle
SetDIBits
CreateCompatibleBitmap
SetBkColor

advapi32

RegOpenKeyExW
RegSetValueExW
SetSecurityDescriptorDacl
RegQueryValueExW
StartServiceW
RegDeleteValueW
RegCloseKey
InitializeSecurityDescriptor
RegNotifyChangeKeyValue

shell32

SHChangeNotify
Shell_NotifyIconW

ole32

CoInitializeEx
CoInitialize

oleaut32

OleLoadPicture

Sections

.text
Size: 244KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bbe0fd8091a10670f823eec4e726cf04

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 244KB - Virtual size: 242KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 20KB - Virtual size: 17KB

.text
Size: 244KB - Virtual size: 242KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 20KB - Virtual size: 17KB