0697e3dbceb4ae6b0e93a9d4ebf52c1a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0697e3dbceb4ae6b0e93a9d4ebf52c1a_JaffaCakes118
Size

101KB
MD5

0697e3dbceb4ae6b0e93a9d4ebf52c1a
SHA1

f4c3fbbcb0e1cd3dc32ec05247918b113c4d39f1
SHA256

cefb54ad11f76d1f67e722cfb4187d7000f806fc58c8759726a0162b2f189626
SHA512

6f98c455119d6bf3e37c7bdb853ad325a35287c16c2e034dcdf760cb70448b0de9ff42805e824cb66b0d73bbedaa6c8983b8e41448195d3e1c770100451871c8
SSDEEP

1536:bKC2hHZR+4HLVWaq/ZVDkfV3/Fs2DequDbjyzqXHPnJrBGW:xEHZP0aq/zDk93BDqPwuHNB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0697e3dbceb4ae6b0e93a9d4ebf52c1a_JaffaCakes118

Files

0697e3dbceb4ae6b0e93a9d4ebf52c1a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fb05fc0bff559faad72043077d658bfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

atol
RtlDeleteCriticalSection
_wcsnicmp
NtWaitForSingleObject

ole32

OleRun
CoCreateFreeThreadedMarshaler
OleRegGetUserType
CLSIDFromString

advapi32

GetUserNameA
GetLengthSid
RegEnumKeyExA
RegQueryInfoKeyA

user32

EnumThreadWindows
DrawMenuBar
ShowWindow
CreateWindowExA
EnableMenuItem
SetWindowLongA
GetForegroundWindow
GetMenuItemInfoA
EnumChildWindows
GetScrollPos
GetCursorPos
GetMenuStringA
CharNextA
CharLowerA
DispatchMessageA
SetWindowPos
DefWindowProcA
DrawEdge
EndDeferWindowPos
GetDC
GetMessagePos
GetDCEx
GetMenuState
GetClientRect
GetSysColor
EnableWindow
GetScrollRange
GetMenuItemID
IsChild
FillRect
FindWindowA
GetMenu
DrawIcon
GetDesktopWindow
SetTimer
SetWindowTextA
EnableScrollBar
EqualRect
DefFrameProcA
GetDlgItem
HideCaret
IsWindowEnabled
CreateMenu
GetFocus
GetScrollInfo
IsMenu
GetClipboardData
GetCursor
CharLowerBuffA
ClientToScreen
GetKeyNameTextA
GetCapture
GetActiveWindow
GetMenuItemCount
DrawFrameControl
GetParent
GetIconInfo
BeginPaint
EnumWindows
CreateIcon
CharToOemA

msvcrt

memcpy
wcscspn
tolower
wcsncmp
wcschr
malloc
sqrt
calloc
atol
time
srand
memmove

version

VerFindFileA

kernel32

ExitThread
GetCommandLineA
InitializeCriticalSection
LoadLibraryA
SetFilePointer
GetUserDefaultLCID
GetTickCount
CreateEventA
VirtualQuery
MoveFileExA
ResetEvent
VirtualFree
SetHandleCount
SetLastError
lstrcmpiA
LoadLibraryExA
LocalFree
FindClose
DeleteCriticalSection
LocalReAlloc
CloseHandle
GetSystemDefaultLangID
lstrcpyA
VirtualAllocEx
GetACP
GlobalAlloc
FormatMessageA
GlobalAddAtomA
LoadResource
SetEvent
GetCurrentThread
WriteFile
GetModuleFileNameA
WideCharToMultiByte
GetStringTypeW
lstrlenA
GetLocalTime
FindResourceA
ReadFile
ExitProcess
lstrcpynA
GetProcAddress
WaitForSingleObject
GetThreadLocale
GetCurrentProcess
CreateFileA
GetStdHandle
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
EnterCriticalSection
GetEnvironmentStrings
LockResource
MulDiv
RaiseException
FindFirstFileA
DeleteFileA
GetDateFormatA
EnumCalendarInfoA
lstrcatA
GetCPInfo
SetEndOfFile
SizeofResource
SetThreadLocale
CompareStringA
lstrcmpA

oleaut32

RegisterTypeLib
SafeArrayCreate
SafeArrayUnaccessData
GetErrorInfo
SafeArrayGetElement
SysFreeString
SafeArrayPtrOfIndex

shlwapi

PathFileExistsA
SHDeleteValueA
PathGetCharTypeA
SHGetValueA
SHDeleteKeyA
SHSetValueA
SHQueryInfoKeyA
SHQueryValueExA
SHStrDupA

comdlg32

GetFileTitleA
ChooseColorA
FindTextA
GetOpenFileNameA
GetSaveFileNameA

Sections

.2
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

0
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb05fc0bff559faad72043077d658bfb

Headers

File Characteristics

Imports

ntdll

ole32

advapi32

user32

msvcrt

version

kernel32

oleaut32

shlwapi

comdlg32

Sections

.2 Size: 43KB - Virtual size: 42KB

0 Size: 43KB - Virtual size: 42KB

9 Size: 12KB - Virtual size: 11KB

.4 Size: 2KB - Virtual size: 1KB

.2
Size: 43KB - Virtual size: 42KB

0
Size: 43KB - Virtual size: 42KB

9
Size: 12KB - Virtual size: 11KB

.4
Size: 2KB - Virtual size: 1KB