11f7f0081ed862bc191cbaaf6696316b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

11f7f0081ed862bc191cbaaf6696316b_JaffaCakes118
Size

174KB
MD5

11f7f0081ed862bc191cbaaf6696316b
SHA1

765dfae22c6efa835185f0c02f76e8a9302348eb
SHA256

a019bfb2bfcbf7be4085a23ee9016c28785fa32e21ed8ca087bc5d514ef0cb63
SHA512

1d3f46463bf558abe68e354300b06ab5c437e685fe6412badea02bd697ed413c2852ea8cfd0a50a3293e9fe49f1c50b76757b24a77a0d31939413f9d90cdf877
SSDEEP

3072:HEMHgnWeLxa8B+rlfxeiHFk280sywUHZkklgnwFL+Dq:H7HJeL7BkfpHBjsBdklgN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11f7f0081ed862bc191cbaaf6696316b_JaffaCakes118

Files

11f7f0081ed862bc191cbaaf6696316b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c45a56960532c8f5c41dc8f5f4040b6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharToOemA
GetSysColor

ole32

CoTaskMemFree
CoCreateFreeThreadedMarshaler
StringFromIID
CoGetObjectContext
CoCreateGuid
CoGetContextToken
MkParseDisplayName

comdlg32

ChooseColorA
ChooseColorA
GetFileTitleA
GetSaveFileNameA
FindTextA
FindTextA

shell32

SHGetDiskFreeSpaceA
SHGetDesktopFolder
SHGetFolderPathA
Shell_NotifyIconA
SHGetFileInfoA

advapi32

RegEnumValueA
RegCreateKeyExA

gdi32

SetPixel
RestoreDC
CreateBitmap
GetPaletteEntries
SetBkColor
GetDIBColorTable
CopyEnhMetaFileA
LineTo
GetClipBox
CreateBrushIndirect
GetObjectA
CreateCompatibleDC

oleaut32

SafeArrayGetUBound
SysReAllocStringLen
SafeArrayPtrOfIndex
GetErrorInfo
SafeArrayGetElement
OleLoadPicture
SafeArrayPtrOfIndex
SysAllocStringLen
RegisterTypeLib
SafeArrayGetUBound
VariantChangeType

comctl32

ImageList_Read
ImageList_GetBkColor
ImageList_Remove
ImageList_Create
ImageList_Destroy
ImageList_Write
ImageList_Draw
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_Draw
ImageList_GetBkColor
ImageList_Create
ImageList_DrawEx
ImageList_Write

version

VerQueryValueA
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

GetLastError
GetProcAddress
GetCommandLineW
lstrlenA
VirtualAllocEx
VirtualAlloc
ExitProcess
GlobalAlloc
IsBadReadPtr
ExitThread
GetModuleHandleA
LoadLibraryA
GetVersionExA
LoadLibraryExA
GetACP

msvcrt

tolower

shlwapi

PathIsContentTypeA
SHQueryInfoKeyA
SHQueryValueExA
SHSetValueA

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 538B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data0
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 1024B - Virtual size: 599B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data7
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c45a56960532c8f5c41dc8f5f4040b6e

Headers

File Characteristics

Imports

user32

ole32

comdlg32

shell32

advapi32

gdi32

oleaut32

comctl32

version

kernel32

msvcrt

shlwapi

Sections

.text Size: 43KB - Virtual size: 42KB

.data Size: 1024B - Virtual size: 538B

.data0 Size: 1KB - Virtual size: 1KB

.data4 Size: 1024B - Virtual size: 599B

.data7 Size: 121KB - Virtual size: 121KB

.data1 Size: 4KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 43KB - Virtual size: 42KB

.data
Size: 1024B - Virtual size: 538B

.data0
Size: 1KB - Virtual size: 1KB

.data4
Size: 1024B - Virtual size: 599B

.data7
Size: 121KB - Virtual size: 121KB

.data1
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB