053bfb0e9007ff2ad23fbcd50369e83b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

053bfb0e9007ff2ad23fbcd50369e83b_JaffaCakes118
Size

556KB
MD5

053bfb0e9007ff2ad23fbcd50369e83b
SHA1

cd77da7d5095b36b0b54a7f5be87f1cd70edc4cf
SHA256

c04a43674f62aaa477239fca0cf5bc441df7c261b560cc0524d3b1b94cabfbac
SHA512

20b9d985223bdadf6b60964479851cae293a71a7ad0718eb16c9960105339fab87ad3980429e5106bcf6a9ccd3540fa3316d9349dca5e9dcf41f804894359d3f
SSDEEP

12288:BOF3dPUdZuGUbewjOcdPgF2pwsL00r57r5t:BsNPUPuGuewjJ5DdLF979t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
053bfb0e9007ff2ad23fbcd50369e83b_JaffaCakes118

Files

053bfb0e9007ff2ad23fbcd50369e83b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8607bdf6394ad2255a1c6cf45283700f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetTempPathA
GetWindowsDirectoryA
GetSystemDirectoryA
WideCharToMultiByte
lstrlenW
ExitProcess
InterlockedIncrement
InterlockedDecrement
DebugBreak
OutputDebugStringA
GetStringTypeExA
GetThreadLocale
CreateDirectoryA
GetLastError
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
GetSystemDefaultLangID
FormatMessageA
FreeLibrary
LoadLibraryA
WriteFile
RemoveDirectoryA
lstrcmpiA
GetVersionExA
SetLastError
GetCurrentProcess
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
HeapCreate
InitializeCriticalSection
FlushInstructionCache
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapReAlloc
HeapFree
GetExitCodeProcess
CreateProcessA
CompareStringA
GetFileAttributesA
WaitForSingleObject
GetTickCount
lstrlenA
GetModuleHandleA
GetProcAddress
GetDiskFreeSpaceA
MultiByteToWideChar
FindFirstFileA
lstrcmpA
FindNextFileA
FindClose
SetFileAttributesA
RtlUnwind
CreateFileA
SetFileTime
ReadFile
CloseHandle

user32

GetParent
GetWindowLongA
DialogBoxParamA
GetActiveWindow
CharUpperA
MsgWaitForMultipleObjects
SendMessageA
GetClientRect
GetWindow
GetWindowRect
SendDlgItemMessageA
GetDlgItemTextA
SetDlgItemTextA
EnumChildWindows
PeekMessageA
TranslateMessage
DispatchMessageA
LoadStringA
SystemParametersInfoA
MapWindowPoints
SetWindowLongA
GetDlgCtrlID
CheckDlgButton
GetSystemMetrics
SetFocus
wvsprintfA
CharNextA
SetWindowPos
IsWindow
GetWindowTextLengthA
GetWindowTextA
SetTimer
LoadImageA
GetSysColorBrush
IsDlgButtonChecked
EnableWindow
MessageBoxA
EndDialog
GetDlgItem
SetWindowTextA
ShowWindow

gdi32

CreateDIBSection
AddFontResourceA

advapi32

RegCreateKeyExA
OpenSCManagerA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
CreateServiceW
CloseServiceHandle

shell32

ShellExecuteExA
SHGetDesktopFolder
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

ole32

OleUninitialize
StringFromGUID2
CLSIDFromProgID
CoCreateInstance
OleInitialize

oleaut32

SysAllocString
VariantCopy
VariantClear
VariantChangeType
VariantCopyInd
SysStringLen
SysAllocStringLen
SysFreeString
RegisterTypeLi
LoadTypeLi
BstrFromVector
VariantInit

comctl32

ord17

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8607bdf6394ad2255a1c6cf45283700f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 6KB - Virtual size: 6KB