Static task: static1
Behavioral task: behavioral1
Sample: 007745691e503d7bf4c43dacfd8748d3_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 007745691e503d7bf4c43dacfd8748d3_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 007745691e503d7bf4c43dacfd8748d3_JaffaCakes118
Size: 100KB
MD5: 007745691e503d7bf4c43dacfd8748d3
SHA1: 1cf07d867f006d08ab284eaf78636438a1bce30e
SHA256: dbbb7cf0c7d91e01986e07111766da0aa369b556bb1f006175f2f4f66141ad53
SHA512: c0a6250093f3eee455ce716dc454b03f6ee8663fa67933edef8f77d67146ddca169e44df046de1188168c328fe573cbb94d8512573459a70b927d08902174123
SSDEEP: 1536:6THhBkxzS4iD66XUEb3msMf4KsO4eSnsypF+qqjtax+57bma62fR2v:6DuzSxxUs3m3gKX4yGF+XjtakmhWR
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 007745691e503d7bf4c43dacfd8748d3_JaffaCakes118
Files
007745691e503d7bf4c43dacfd8748d3_JaffaCakes118.exe windows:4 windows x86 arch:x86
64625ab46ced8aa0a09a58814b602a07
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32:
GetModuleFileNameA
GetCurrentThreadId
DeleteCriticalSection
ResetEvent
GetEnvironmentStrings
LoadLibraryExA
GetSystemDefaultLangID
DeleteFileA
InitializeCriticalSection
GetCommandLineA
CloseHandle
SetLastError
FormatMessageA
LoadResource
GetOEMCP
LoadLibraryA
GetProcAddress
lstrlenA
HeapDestroy
MulDiv
ExitThread
GetACP
SetErrorMode
SizeofResource
lstrcpynA
CompareStringA
FindFirstFileA
ExitProcess
VirtualQuery
GlobalAddAtomA
GetCurrentProcess
FindClose
GetFullPathNameA
Sleep
GetUserDefaultLCID
GetStartupInfoA
WaitForSingleObject
GetCurrentThread
SetHandleCount
SetThreadLocale
VirtualAlloc
HeapFree
GetModuleHandleA
VirtualFree
ReadFile
CreateFileA
lstrcpyA
lstrcmpiA
GetStringTypeW
EnterCriticalSection
GlobalFindAtomA
VirtualAllocEx
LockResource
GetTickCount
GetCPInfo
LocalAlloc
CreateThread
GetVersionExA
lstrcatA
LocalReAlloc
GetDiskFreeSpaceA
GetFileType
GlobalDeleteAtom
GetLastError
GetStdHandle
GetDateFormatA
RaiseException
LocalFree
GetLocalTime
advapi32:
RegCreateKeyA
msvcrt:
memmove
tan
rand
strncmp
memcmp
shlwapi:
SHSetValueA
SHDeleteKeyA
SHStrDupA
SHEnumValueA
PathIsDirectoryA
SHQueryValueExA
PathFileExistsA
PathIsContentTypeA
oleaut32:
SafeArrayGetElement
SysReAllocStringLen
SafeArrayCreate
VariantChangeType
SafeArrayGetUBound
SysFreeString
GetErrorInfo
SafeArrayPtrOfIndex
user32:
IsWindowVisible
GetMenuItemInfoA
EnableWindow
CreatePopupMenu
SetWindowPos
SystemParametersInfoA
IsWindowEnabled
ShowWindow
GetClassLongA
MessageBoxA
TrackPopupMenu
GetActiveWindow
EnumWindows
DispatchMessageA
GetMessagePos
GetWindow
GetSysColorBrush
CallWindowProcA
GetClientRect
GetPropA
GetForegroundWindow
FrameRect
GetCursor
EnableScrollBar
DefWindowProcA
GetSubMenu
GetSysColor
IsChild
GetScrollRange
GetClipboardData
GetDC
GetFocus
EnableMenuItem
GetCapture
CreateMenu
CallNextHookEx
comctl32:
ImageList_Destroy
ImageList_DragShowNolock
ImageList_Draw
ImageList_GetBkColor
shell32:
SHGetDesktopFolder
SHGetFolderPathA
ole32:
CoReleaseMarshalData
CoGetObjectContext
GetHGlobalFromStream
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateFreeThreadedMarshaler
WriteClassStm
CoCreateInstanceEx
CLSIDFromProgID
StringFromIID
Sections
.text Size: 47KB - Virtual size: 46KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: 512B - Virtual size: 412B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 47KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.init Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ