02b92f439d838a623c816b7e8a7fede0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

02b92f439d838a623c816b7e8a7fede0_JaffaCakes118
Size

98KB
MD5

02b92f439d838a623c816b7e8a7fede0
SHA1

c3bc5c978364857e774ec059d28edd9b8633f6be
SHA256

e0c29cb91a393b8b11e4d78b840066849229053620373bc217886a42ecf4304d
SHA512

bbf98346c2ee3f5d22baec1e28bafef36fd465bb32d32f1265082e4caf70b4bcee24115ecb15ad0478c6ec54637faef6da912c475c8b9486be1e19e04a82b4d0
SSDEEP

1536:itmzYlkhIY45q/jjJa6vDMrUNIjUITtO0TyU2KB+Xm5QnTX4l8JQlmqMU3tcBAa:cRi2YjjHrY5Ttx3kex8JPqz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02b92f439d838a623c816b7e8a7fede0_JaffaCakes118

Files

02b92f439d838a623c816b7e8a7fede0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ea52d2f2d8dedef5b6f2b9fe2e969c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CLSIDFromString
OleRun

msvcrt

memmove
memcpy
strncmp
sin

kernel32

GetModuleHandleA
LoadLibraryExA
LoadLibraryA
GetCommandLineA
ExitProcess
VirtualAlloc

shlwapi

SHQueryInfoKeyA
SHQueryValueExA
PathFileExistsA
PathIsDirectoryA
SHSetValueA
SHEnumValueA
SHStrDupA

version

GetFileVersionInfoSizeA
VerQueryValueA

user32

GetSubMenu
DispatchMessageW
DrawIconEx
GetMessagePos
IsMenu
GetLastActivePopup
GetDesktopWindow
CallWindowProcA
ShowScrollBar
CreateMenu
GetDCEx
IsDialogMessageA
BeginDeferWindowPos
EnumThreadWindows
SetTimer
DrawFrameControl
GetSysColorBrush
DrawMenuBar
EnableWindow
GetSysColor
GetCapture
GetScrollRange
SetWindowLongA
MessageBoxA
GetScrollPos
GetIconInfo
SetWindowPos
GetKeyState
DrawTextA
GetWindow
GetCursorPos
GetScrollInfo
EnumChildWindows
EnableMenuItem
GetPropA
IsWindowEnabled
GetWindowTextA
GetActiveWindow
ShowWindow
CreateWindowExA
GetDC
CallNextHookEx
CheckMenuItem
GetKeyNameTextA
DefWindowProcA
EnableScrollBar
SetCursor
IsChild
EndDeferWindowPos
GetClassLongA
RegisterClassA
CreateIcon
SetWindowTextA
IsWindowVisible
GetMenuItemID
DefFrameProcA
TrackPopupMenu
HideCaret
DeferWindowPos
GetCursor

comctl32

ImageList_DragShowNolock
ImageList_DrawEx
ImageList_Read
ImageList_Create
ImageList_Draw
ImageList_Add
ImageList_Write

oleaut32

SysFreeString

advapi32

GetLengthSid
RegDeleteValueA
RegQueryValueA

Sections

CODE
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 1024B - Virtual size: 543B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ea52d2f2d8dedef5b6f2b9fe2e969c6

Headers

File Characteristics

Imports

ole32

msvcrt

kernel32

shlwapi

version

user32

comctl32

oleaut32

advapi32

Sections

CODE Size: 47KB - Virtual size: 47KB

BSS Size: 3KB - Virtual size: 2KB

.rdata Size: 45KB - Virtual size: 44KB

.bss Size: 1024B - Virtual size: 543B

CODE
Size: 47KB - Virtual size: 47KB

BSS
Size: 3KB - Virtual size: 2KB

.rdata
Size: 45KB - Virtual size: 44KB

.bss
Size: 1024B - Virtual size: 543B