0aeb21722cca699ba73af0d971c1345d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0aeb21722cca699ba73af0d971c1345d_JaffaCakes118
Size

100KB
MD5

0aeb21722cca699ba73af0d971c1345d
SHA1

5feab154e0226fd59b1c3c2d8b0de01e23eab69e
SHA256

dd435b58ac849c9e0648c624f33b87b59120321beec9ee3474fac7ab816a03f9
SHA512

2fd5bc865ed549cd93d7cde5830848c4b2c5ca0cf63f853513e23df0cca093dde09a194ed900ca382e9dda583b9df309b954a1afc2c0e9fada381ec754d4a00a
SSDEEP

1536:6THhBkxzw4iD66XUEb3msMf4KsO4eSnsypF+qqjtax+57bma62fR2v:6DuzwxxUs3m3gKX4yGF+XjtakmhWR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0aeb21722cca699ba73af0d971c1345d_JaffaCakes118

Files

0aeb21722cca699ba73af0d971c1345d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

64625ab46ced8aa0a09a58814b602a07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetCurrentThreadId
DeleteCriticalSection
ResetEvent
GetEnvironmentStrings
LoadLibraryExA
GetSystemDefaultLangID
DeleteFileA
InitializeCriticalSection
GetCommandLineA
CloseHandle
SetLastError
FormatMessageA
LoadResource
GetOEMCP
LoadLibraryA
GetProcAddress
lstrlenA
HeapDestroy
MulDiv
ExitThread
GetACP
SetErrorMode
SizeofResource
lstrcpynA
CompareStringA
FindFirstFileA
ExitProcess
VirtualQuery
GlobalAddAtomA
GetCurrentProcess
FindClose
GetFullPathNameA
Sleep
GetUserDefaultLCID
GetStartupInfoA
WaitForSingleObject
GetCurrentThread
SetHandleCount
SetThreadLocale
VirtualAlloc
HeapFree
GetModuleHandleA
VirtualFree
ReadFile
CreateFileA
lstrcpyA
lstrcmpiA
GetStringTypeW
EnterCriticalSection
GlobalFindAtomA
VirtualAllocEx
LockResource
GetTickCount
GetCPInfo
LocalAlloc
CreateThread
GetVersionExA
lstrcatA
LocalReAlloc
GetDiskFreeSpaceA
GetFileType
GlobalDeleteAtom
GetLastError
GetStdHandle
GetDateFormatA
RaiseException
LocalFree
GetLocalTime

advapi32

RegCreateKeyA

msvcrt

memmove
tan
rand
strncmp
memcmp

shlwapi

SHSetValueA
SHDeleteKeyA
SHStrDupA
SHEnumValueA
PathIsDirectoryA
SHQueryValueExA
PathFileExistsA
PathIsContentTypeA

oleaut32

SafeArrayGetElement
SysReAllocStringLen
SafeArrayCreate
VariantChangeType
SafeArrayGetUBound
SysFreeString
GetErrorInfo
SafeArrayPtrOfIndex

user32

IsWindowVisible
GetMenuItemInfoA
EnableWindow
CreatePopupMenu
SetWindowPos
SystemParametersInfoA
IsWindowEnabled
ShowWindow
GetClassLongA
MessageBoxA
TrackPopupMenu
GetActiveWindow
EnumWindows
DispatchMessageA
GetMessagePos
GetWindow
GetSysColorBrush
CallWindowProcA
GetClientRect
GetPropA
GetForegroundWindow
FrameRect
GetCursor
EnableScrollBar
DefWindowProcA
GetSubMenu
GetSysColor
IsChild
GetScrollRange
GetClipboardData
GetDC
GetFocus
EnableMenuItem
GetCapture
CreateMenu
CallNextHookEx

comctl32

ImageList_Destroy
ImageList_DragShowNolock
ImageList_Draw
ImageList_GetBkColor

shell32

SHGetDesktopFolder
SHGetFolderPathA

ole32

CoReleaseMarshalData
CoGetObjectContext
GetHGlobalFromStream
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateFreeThreadedMarshaler
WriteClassStm
CoCreateInstanceEx
CLSIDFromProgID
StringFromIID

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64625ab46ced8aa0a09a58814b602a07

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

shlwapi

oleaut32

user32

comctl32

shell32

ole32

Sections

.text Size: 47KB - Virtual size: 46KB

.bss Size: 512B - Virtual size: 412B

.idata Size: 47KB - Virtual size: 46KB

.rdata Size: 1KB - Virtual size: 1KB

.init Size: 2KB - Virtual size: 2KB

.text
Size: 47KB - Virtual size: 46KB

.bss
Size: 512B - Virtual size: 412B

.idata
Size: 47KB - Virtual size: 46KB

.rdata
Size: 1KB - Virtual size: 1KB

.init
Size: 2KB - Virtual size: 2KB