04c3be136ae099f7da18ec8997f5278c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

04c3be136ae099f7da18ec8997f5278c_JaffaCakes118
Size

216KB
MD5

04c3be136ae099f7da18ec8997f5278c
SHA1

78ea291662921d9e6b7413d35809e17667aa5447
SHA256

80f3772f5ac564d38bc35649123c5e82818d28d95f6481248b12f60ec270e00a
SHA512

1f27dea9a2f5ae328edb164d3b7fc5def73980c29a2655f6eea4dce00653ad1101d8a88b9d291bff32f0aeb65b4b59e03252986992fb68876efb8b84f6be9119
SSDEEP

3072:kuNZcQ0WG3K7Mw2/zHE8+00xZiAR8eDuFqg1lCA3BCFnOA7bbPZwjtbv7:lab3gMw2/L2BDugqlx3BCRj78v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04c3be136ae099f7da18ec8997f5278c_JaffaCakes118

Files

04c3be136ae099f7da18ec8997f5278c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

037d76f8c7037bfa8aa9496d27c59ab6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadHugeReadPtr
ExitThread
GetCommandLineW
VirtualAllocEx
GetModuleHandleW
ExitProcess
GetLastError
GetModuleHandleA
GlobalAlloc
LoadLibraryA
lstrlenW
GetProcAddress
IsBadReadPtr

gdi32

GetClipBox
SelectPalette
SaveDC
CreateCompatibleBitmap
CreateBrushIndirect
GetDIBits
CopyEnhMetaFileA
CreatePalette
CreateBrushIndirect
GetDIBits

user32

GetKeyboardState
GetKeyboardLayoutNameA
GetKeyboardLayoutList
GetScrollRange
GetKeyState
GetKeyNameTextA
GetMenuState
GetScrollPos
GetPropA
GetSysColorBrush
GetSystemMenu
GetMenuItemInfoA
GetTopWindow
GetMessagePos
GetSysColor
GetSubMenu
GetWindowLongW
GetWindowLongA
GetMenuStringA
GetWindow
GetMenuItemID
GetMenu
GetWindowDC
GetMenuItemCount
GetScrollInfo
GetKeyboardType
GetParent
GetIconInfo
GetLastActivePopup
GetKeyboardLayout

shlwapi

SHStrDupA
PathIsDirectoryA
SHGetValueA
SHEnumValueA
SHQueryInfoKeyA
SHDeleteValueA
SHDeleteKeyA
PathFileExistsA
SHDeleteValueA
SHStrDupA
SHSetValueA
SHEnumValueA
PathIsContentTypeA
SHQueryValueExA
PathIsDirectoryA
SHQueryInfoKeyA
PathFileExistsA
PathGetCharTypeA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetOpenFileNameA

comctl32

ImageList_Destroy
ImageList_Read
ImageList_Draw
ImageList_GetBkColor
ImageList_Write

version

GetFileVersionInfoSizeA
VerFindFileA
VerInstallFileA

ole32

CreateOleAdviseHolder
CoRegisterClassObject
StringFromIID
CoTaskMemFree
ReleaseStgMedium
PropVariantClear
CoRevokeClassObject
OleRegGetUserType

oleaut32

SafeArrayGetElement
RegisterTypeLib
GetErrorInfo
SysStringLen
OleLoadPicture
SysReAllocStringLen
SafeArrayCreate
SysFreeString
SafeArrayGetUBound
SafeArrayUnaccessData
SafeArrayGetElement
RegisterTypeLib
GetErrorInfo
VariantCopyInd
SafeArrayPtrOfIndex
SysStringLen

shell32

SHGetFolderPathA
SHFileOperationA
SHGetDesktopFolder
SHGetFileInfoA
Shell_NotifyIconA
SHGetDiskFreeSpaceA
SHFileOperationA

advapi32

RegCreateKeyExA
RegQueryValueExA
RegDeleteKeyA

msvcrt

strncmp
clock
log
asin

Sections

.text
Size: 176KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ddata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

037d76f8c7037bfa8aa9496d27c59ab6

Headers

File Characteristics

Imports

kernel32

gdi32

user32

shlwapi

comdlg32

comctl32

version

ole32

oleaut32

shell32

advapi32

msvcrt

Sections

.text Size: 176KB - Virtual size: 172KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 64KB

DATA Size: 4KB - Virtual size: 3KB

.gdata Size: 8KB - Virtual size: 7KB

.ddata Size: 8KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 176KB - Virtual size: 172KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 64KB

DATA
Size: 4KB - Virtual size: 3KB

.gdata
Size: 8KB - Virtual size: 7KB

.ddata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 7KB