08815761452d9d08d3c4ada663ee9af6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

08815761452d9d08d3c4ada663ee9af6_JaffaCakes118
Size

192KB
MD5

08815761452d9d08d3c4ada663ee9af6
SHA1

45ff07d083114c673784f050b3acbce22030a8c5
SHA256

1e3eae84dd0f9b989926f5e1c41936540dc338348fc9c6882ca7e74d82b3e4d1
SHA512

72be2393db6e38a7fb3803a9a28e49fe877127ad86b0895253199da5e6bc79d42622f5b4f9fc74abdb287bef07c8ff12bef67848e331b0cdc335a874534e10dc
SSDEEP

3072:GtB+nraxtsudTuWPDhTfIEBvMj2eBIDxUTewKMhGfcEl3odYY8rN:GtBBmcZjJWeTm3El3oN4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08815761452d9d08d3c4ada663ee9af6_JaffaCakes118

Files

08815761452d9d08d3c4ada663ee9af6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e4c433dc326e1268ec9c43f5b7bdeb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetLengthSid
GetUserNameA
RegOpenKeyExA
RegDeleteKeyA
RegQueryValueA
RegQueryInfoKeyA
RegOpenKeyA
RegLoadKeyA

ole32

CoGetContextToken
CreateBindCtx
StgCreateDocfileOnILockBytes
CoGetObjectContext
GetHGlobalFromStream
CLSIDFromString

comdlg32

FindTextA
GetSaveFileNameA
GetFileTitleA
ChooseColorA

msvcrt

asin
srand
wcstol
log10
wcscspn
memcpy
sprintf
log

oleaut32

SysStringLen
RegisterTypeLib
SafeArrayGetUBound

kernel32

CreateEventA
SetEvent
LocalReAlloc
GetProcAddress
VirtualAllocEx
Sleep
LocalFree
GetSystemDefaultLangID
FreeResource
SetThreadLocale
GetStdHandle
GetVersion
GetCurrentProcessId
FormatMessageA
IsBadHugeReadPtr
lstrlenW
LoadLibraryExA
VirtualAlloc
GetFileAttributesA
ExitThread
CloseHandle
SetErrorMode
VirtualFree
GetModuleHandleA
FreeLibrary
LocalAlloc
LockResource
DeleteCriticalSection
CreateThread
GlobalFindAtomA
GetCurrentProcess
GetStringTypeA
lstrcmpA
HeapAlloc
WriteFile
ResetEvent
lstrcatA
lstrcpyA
GetCommandLineW
SetLastError
GetCurrentThread
MulDiv
GlobalDeleteAtom
CreateFileA
SizeofResource
WideCharToMultiByte
GetLastError
GetACP
GetVersionExA
DeleteFileA
MoveFileExA
LoadResource
SetHandleCount
ExitProcess
GetFullPathNameA
CreateThread
GlobalFindAtomA
GetOEMCP
ResetEvent
ExitProcess
GetStringTypeA
GetProcAddress
EnumCalendarInfoA
CreateEventA
GetStdHandle
GetModuleHandleW
SetThreadLocale
CreateFileA
SetEvent
WriteFile
LocalReAlloc
FindFirstFileA
GetCurrentProcess
GetLocaleInfoA
GetProcessHeap
GetEnvironmentStrings
GetModuleFileNameA
VirtualFree
GetFileAttributesA
FreeLibrary
CompareStringA
FindResourceA
EnterCriticalSection
GetCurrentProcessId
LocalFree
lstrcpyA
InitializeCriticalSection
GetDiskFreeSpaceA
GetLocalTime
LoadLibraryExA
lstrcmpA
LoadLibraryA
SetHandleCount
GlobalAlloc
lstrlenA
Sleep
VirtualAlloc
SizeofResource
MulDiv
HeapFree
GetSystemDefaultLangID
GetThreadLocale
LocalAlloc
GetVersionExA
GlobalDeleteAtom
MoveFileA
ReadFile
WaitForSingleObject
lstrlenW
GetSystemDefaultLangID
ExitThread
CloseHandle
GetVersionExA
lstrcpynA
GetACP
FreeLibrary
LoadLibraryExA
HeapAlloc
HeapFree
WideCharToMultiByte
MoveFileA
ReadFile
lstrcatA
GetCommandLineW
GetCommandLineA
GetCurrentThreadId
GetStartupInfoA
GetLocaleInfoA
GetCurrentProcessId
GetModuleHandleA
ExitProcess
GetCPInfo
GetOEMCP
IsBadHugeReadPtr
FindResourceA
GetLocalTime
VirtualQuery
GetTickCount
FindFirstFileA
SetEndOfFile
InitializeCriticalSection
GetLastError
VirtualAllocEx
CreateThread
GetFullPathNameA
GetEnvironmentStrings
SetHandleCount
GetCurrentProcess
GetProcAddress
SetThreadLocale
FreeResource
EnumCalendarInfoA
RaiseException
LocalFree
IsBadReadPtr
GlobalAlloc
lstrcmpA
FindClose
GetModuleHandleW
LoadLibraryA

gdi32

GetClipBox
CreatePalette
CreateDIBitmap
CreateDIBSection
GetDIBits
GetRgnBox

shell32

SHGetDesktopFolder
SHGetDiskFreeSpaceA

shlwapi

SHDeleteValueA
PathFileExistsA

version

GetFileVersionInfoSizeA
VerQueryValueA

comctl32

ImageList_GetBkColor
ImageList_Write
ImageList_Add
ImageList_Create
ImageList_Write
ImageList_Draw
ImageList_DragShowNolock
ImageList_GetBkColor
ImageList_Destroy
ImageList_DrawEx
ImageList_Add
ImageList_Read

user32

CloseClipboard
SetScrollRange
LoadIconA
SetCursor
TranslateMDISysAccel
wsprintfA
SetWindowPlacement
IsWindowUnicode
DispatchMessageA
GetParent
DrawTextA
SetClassLongA
CreateMenu
GetScrollRange
IntersectRect
RedrawWindow
LoadBitmapA
CallNextHookEx
EnableMenuItem
RemoveMenu
IsRectEmpty
EnableScrollBar
SetParent

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 117B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e4c433dc326e1268ec9c43f5b7bdeb5

Headers

File Characteristics

Imports

advapi32

ole32

comdlg32

msvcrt

oleaut32

kernel32

gdi32

shell32

shlwapi

version

comctl32

user32

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 117B

.bss Size: 12KB - Virtual size: 8KB

.ddata Size: 64KB - Virtual size: 62KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 117B

.bss
Size: 12KB - Virtual size: 8KB

.ddata
Size: 64KB - Virtual size: 62KB

.rsrc
Size: 8KB - Virtual size: 7KB