0854b3a045660c1341405602d70594b9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0854b3a045660c1341405602d70594b9_JaffaCakes118
Size

135KB
MD5

0854b3a045660c1341405602d70594b9
SHA1

b07bfb495334d1e6c3ce931a37b717d47db81c7c
SHA256

5da9ef2c2573d0e51ac3125e1bb411a2443cd2275b77b8af4b486cf96f24b8a4
SHA512

8bb2cb7ada8263dd70af758f197bee465ea3ace04c35bbf9dc2126e9b7f03aabbf1313c13430e6d0bb6ad6a11e313f1fe611b77a7a3f0918301dd520177ac364
SSDEEP

3072:M8gU4wPbdJM0mh8O1YeCIGki0vdbsVPYWnin1ecmoNgqIabuaGEF+pk:FDV+8GG/0vdUPjnm7bzGEFV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0854b3a045660c1341405602d70594b9_JaffaCakes118

Files

0854b3a045660c1341405602d70594b9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f48f57b07bb5ca7f894f65af013f8083

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

ord156
StrCmpNW
SHRegEnumUSKeyW
StrFormatByteSizeW
PathIsContentTypeA

shell32

ord173
SHBrowseForFolderA

kernel32

LoadLibraryA
GetExitCodeThread
lstrcmpiW
GetModuleHandleA
lstrcatW
lstrcpyW
CreateThread
OpenFile
SetFilePointer
SetFilePointerEx
_lclose
ClearCommBreak
EnumResourceTypesA
SetProcessPriorityBoost
GetLocalTime
HeapDestroy
GetAtomNameW
GetHandleInformation
LocalAlloc
WaitForMultipleObjects
GetProcessAffinityMask
CreateMailslotA
GetFileTime
_lopen
CloseHandle
DeleteFileW
CopyFileExA
lstrcpyA
GetProcAddress
lstrcmpiA
FileTimeToDosDateTime
GetTempPathW
LoadLibraryW
FormatMessageA
WaitForSingleObject
FindResourceW
LocalFileTimeToFileTime
FileTimeToSystemTime
FormatMessageW
_lcreat
DosDateTimeToFileTime
TerminateThread

user32

EndPaint
DestroyIcon
DlgDirListW
IsWindowVisible
GetActiveWindow
CharLowerBuffA
CharUpperBuffA
GetWindowPlacement
SetForegroundWindow
EnumPropsW
RemovePropW
PostMessageW
SetMenuItemBitmaps
InvalidateRgn
SendMessageA
BeginPaint
TranslateMessage
LockWindowUpdate
GetCursorInfo
SetPropA
SetScrollPos
PeekMessageA
ReleaseDC
TranslateAcceleratorA
GetWindowRgn
LoadAcceleratorsA
DispatchMessageA
SetMenuItemInfoA
SetWindowTextW
GetPropW
GetDC
GetDesktopWindow
LoadCursorFromFileA

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
GetBitmapBits
GetSystemPaletteEntries
LineTo
SetBoundsRect
GetCharWidth32W
ExtCreateRegion
SetViewportOrgEx
GetTextExtentPoint32W
SetBkColor
AngleArc
OffsetClipRgn
SetTextCharacterExtra
CreateScalableFontResourceW
UpdateColors

advapi32

ObjectDeleteAuditAlarmA
GetSidLengthRequired
EqualPrefixSid
EqualSid
PrivilegedServiceAuditAlarmW

Exports

Exports

_Copy_Ico@12
_Create_Ico@12
_Set_Ico@12
_Update_Ico@12

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vars
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.const
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f48f57b07bb5ca7f894f65af013f8083

Headers

File Characteristics

Imports

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.code Size: 7KB - Virtual size: 7KB

.data Size: - Virtual size: 160B

.vars Size: 4KB - Virtual size: 3KB

.zero Size: 512B - Virtual size: 512B

.const Size: 512B - Virtual size: 44B

.rsrc Size: 116KB - Virtual size: 115KB

.reloc Size: 1024B - Virtual size: 692B

.text
Size: 5KB - Virtual size: 5KB

.code
Size: 7KB - Virtual size: 7KB

.data
Size: - Virtual size: 160B

.vars
Size: 4KB - Virtual size: 3KB

.zero
Size: 512B - Virtual size: 512B

.const
Size: 512B - Virtual size: 44B

.rsrc
Size: 116KB - Virtual size: 115KB

.reloc
Size: 1024B - Virtual size: 692B