01266c07e4b2f923ce2278b71072e9d6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

01266c07e4b2f923ce2278b71072e9d6_JaffaCakes118
Size

188KB
MD5

01266c07e4b2f923ce2278b71072e9d6
SHA1

6bc404dd798b99acdd2e9e7a438fd00a9d8e2ff7
SHA256

0a3ab3a2e63640c4bda9acadc8eda6ee584ac6ca98f1da4d236dfe9c49fc2fd6
SHA512

904279f8575b0a4d3c697b0e392ac3e695a01de086c059a2ef27c1c72b3bfe5e334b357484664ccabe731173937a57722f60ef0b0eec27626501c7c6463106a7
SSDEEP

3072:Erm9jzZudPiQNMz494iCm7u5xs31/5CqkiQgHJ9gdTypFnBJeGnI:l9H0aA6viCm7ubs3xfPOTr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01266c07e4b2f923ce2278b71072e9d6_JaffaCakes118

Files

01266c07e4b2f923ce2278b71072e9d6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb80a9f10d2e9b12bf2051b7b0ded81d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shlwapi

SHStrDupA
PathFileExistsA
SHDeleteValueA
SHSetValueA

comdlg32

ChooseColorA

msvcrt

memcpy
time
wcsncmp
_acmdln
mbstowcs
wcscspn
calloc
sqrt
exit
clock
memmove

user32

EndPaint
IsMenu
GetCapture
CallWindowProcA
TrackPopupMenu
ClientToScreen
GetWindowTextA
GetIconInfo
DispatchMessageA
DefWindowProcA
GetScrollInfo
EnableMenuItem
GetMenuStringA
RegisterClassA
GetClassLongA
GetMenuItemCount
DrawMenuBar
DrawTextA
MessageBoxA
GetSubMenu
IsChild
EnumThreadWindows
SystemParametersInfoA
DrawIconEx
FrameRect
IsWindowVisible
GetMenuItemInfoA
GetDesktopWindow
DrawIcon
BeginDeferWindowPos
IsWindowEnabled
GetClassInfoA
ShowWindow
SetCursor
GetPropA
FillRect
DeferWindowPos
EnableScrollBar
GetMenuItemID
ShowScrollBar
CreateMenu
EnumChildWindows
GetCursor
GetParent
DefMDIChildProcA
IsDialogMessageA
GetKeyState
CharToOemA
GetDC
GetScrollRange

comctl32

ImageList_DrawEx
ImageList_DragShowNolock
ImageList_Remove
ImageList_Add
ImageList_Destroy

kernel32

SetErrorMode
GetThreadLocale
GetStartupInfoA
SetThreadLocale
HeapFree
RaiseException
FormatMessageA
CreateFileA
LocalAlloc
GetModuleHandleA
GetFileSize
GetLastError
GetFileType
LocalReAlloc
CreateThread
DeleteFileA
ExitProcess
GetModuleFileNameA
SetEvent
FindFirstFileA
SetFilePointer
SetLastError
EnumCalendarInfoA
VirtualFree
GetSystemDefaultLangID
GetProcAddress
SetHandleCount
CompareStringA
GetCurrentProcessId
SetEndOfFile
GetCurrentThread
FindResourceA
GetDateFormatA
VirtualAlloc
GetCommandLineA
FreeResource
ExitThread
GlobalAlloc
LocalFree
GetVersion
LoadLibraryExA
SizeofResource
GetCPInfo
EnterCriticalSection

gdi32

BitBlt
CreateDIBitmap
SelectPalette
SetPixel
GetCurrentPositionEx
GetBitmapBits
GetRgnBox
CreateDIBSection
GetPixel
SelectObject

version

VerQueryValueA
GetFileVersionInfoA
VerFindFileA

advapi32

RegCreateKeyExA
RegLoadKeyA
RegDeleteKeyA
GetLengthSid

Sections

.text
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 3KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb80a9f10d2e9b12bf2051b7b0ded81d

Headers

File Characteristics

Imports

shlwapi

comdlg32

msvcrt

user32

comctl32

kernel32

gdi32

version

advapi32

Sections

.text Size: 70KB - Virtual size: 72KB

.data Size: 45KB - Virtual size: 48KB

DATA Size: 32KB - Virtual size: 36KB

.edata Size: 28KB - Virtual size: 28KB

INIT Size: 3KB - Virtual size: 40KB

.idata Size: 2KB - Virtual size: 4KB

BSS Size: 512B - Virtual size: 4KB

CODE Size: 512B - Virtual size: 4KB

.rsrc Size: 23KB - Virtual size: 24KB

.text
Size: 70KB - Virtual size: 72KB

.data
Size: 45KB - Virtual size: 48KB

DATA
Size: 32KB - Virtual size: 36KB

.edata
Size: 28KB - Virtual size: 28KB

INIT
Size: 3KB - Virtual size: 40KB

.idata
Size: 2KB - Virtual size: 4KB

BSS
Size: 512B - Virtual size: 4KB

CODE
Size: 512B - Virtual size: 4KB

.rsrc
Size: 23KB - Virtual size: 24KB