Static task
static1
Behavioral task
behavioral1
Sample
11c2264b28911cf5c88f7b747998228d_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
11c2264b28911cf5c88f7b747998228d_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: 11c2264b28911cf5c88f7b747998228d_JaffaCakes118
Size: 166KB
MD5: 11c2264b28911cf5c88f7b747998228d
SHA1: 93c6ae2691aed2383f22727aa4e4edbdefc29442
SHA256: 11d6b7b6044c3d51dbeb89457ada36e88eafbcc26e3c3e4e4199dd56c0b66f04
SHA512: 6e16c44f5190afd67bd1d7e58fcf0cc9cfd487077919930f4bf60466b78214baaad9fcce2a676c50954397968353be26538bcedc71c02fc34a2f71a54b46b31d
SSDEEP: 3072:WF1S3FcsibHIVIpN79Mt3dJ2gxh/AkZWY4ZVawOK0BUulKXKrHkVPV6jWrDlBh:D1Fiz8IpNpKdfPeLOK3wkV8jWvl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 11c2264b28911cf5c88f7b747998228d_JaffaCakes118
Files
11c2264b28911cf5c88f7b747998228d_JaffaCakes118.exe windows:4 windows x86 arch:x86
e002b3866c10e01905dc52dd4e1021fc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
oleaut32
SysStringLen
SysFreeString
advapi32
RegQueryInfoKeyA
RegQueryValueExA
ole32
StringFromIID
WriteClassStm
CoCreateFreeThreadedMarshaler
CoCreateInstanceEx
CreateOleAdviseHolder
CoGetObjectContext
PropVariantClear
comdlg32
GetSaveFileNameA
GetOpenFileNameA
FindTextA
ChooseColorA
GetFileTitleA
kernel32
LoadLibraryA
WriteFile
GetModuleHandleA
lstrcmpA
VirtualAllocEx
GetProcAddress
GetCurrentProcessId
GetStdHandle
lstrlenA
ExitThread
GetUserDefaultLCID
GetDiskFreeSpaceA
SetEndOfFile
msvcrt
pow
wcschr
sqrt
log
malloc
strncmp
tan
srand
memcpy
comctl32
ImageList_Add
ImageList_Destroy
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_Draw
shell32
SHGetSpecialFolderLocation
SHGetFileInfoA
SHFileOperationA
DragQueryFileA
SHGetDiskFreeSpaceA
version
VerInstallFileA
user32
CallWindowProcA
ShowScrollBar
WindowFromPoint
GetCursor
LoadBitmapA
IsDialogMessageW
UpdateWindow
TrackPopupMenu
InvalidateRect
EqualRect
RegisterWindowMessageA
DrawTextA
EnumWindows
MoveWindow
SetClassLongA
GetClassLongA
ShowOwnedPopups
GetKeyboardLayoutNameA
GetForegroundWindow
DestroyMenu
GetSystemMetrics
IsChild
ReleaseDC
GetActiveWindow
TranslateMessage
GetClipboardData
IsDialogMessageA
GetDC
ScrollWindow
DrawMenuBar
KillTimer
GetDlgItem
DestroyIcon
GetTopWindow
IsZoomed
AdjustWindowRectEx
InflateRect
BeginPaint
PostMessageA
GetWindowTextA
ClientToScreen
CharUpperBuffA
SetParent
GetLastActivePopup
GetSysColorBrush
CharNextA
GetCapture
MessageBoxA
DrawAnimatedRects
DispatchMessageW
SetPropA
GetWindowRect
SystemParametersInfoA
GetWindowLongA
DefFrameProcA
OemToCharA
SetWindowTextA
EndPaint
SetTimer
FrameRect
DrawEdge
CharToOemA
IsWindowEnabled
TranslateMDISysAccel
GetCursorPos
SetWindowLongA
FindWindowA
OpenClipboard
EnableMenuItem
UnregisterClassA
SetWindowPlacement
ReleaseCapture
SetActiveWindow
LoadKeyboardLayoutA
CreateIcon
GetKeyboardLayoutList
DestroyCursor
GetClassNameA
SetFocus
GetMenuStringA
GetMenuItemID
DeleteMenu
MapWindowPoints
MapVirtualKeyA
GetScrollInfo
UnhookWindowsHookEx
PtInRect
FillRect
PostQuitMessage
GetFocus
CharLowerBuffA
LoadStringA
DestroyWindow
CreatePopupMenu
GetWindowPlacement
EnableWindow
GetKeyboardLayout
GetPropA
IsWindow
LoadIconA
IsIconic
GetWindowDC
SetMenu
GetWindow
GetIconInfo
SetScrollInfo
GetMenuState
GetScrollRange
GetScrollPos
ScreenToClient
CreateMenu
shlwapi
SHDeleteValueA
SHStrDupA
gdi32
CreatePalette
CreateFontIndirectA
SelectObject
GetDCOrgEx
GetClipBox
SetBkColor
CreateCompatibleBitmap
LineTo
GetBitmapBits
Sections
CODE Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.edata Size: 512B - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
BSS Size: 133KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
DATA Size: 1024B - Virtual size: 628B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE