140a430a6516df52865a32df97fef968_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

140a430a6516df52865a32df97fef968_JaffaCakes118
Size

256KB
MD5

140a430a6516df52865a32df97fef968
SHA1

38ba0b49e2a461acba27207bd67e4a9886125c32
SHA256

de5dbfe6990d370e2596cbf511c9ed4dd86b8f04657e00f14f13639a2648ba19
SHA512

5fab39c64660226f1381314fae2968c73706dd33c0ed862b0a2fdd290d16187e36c43b1dab2a9080a45031c748157c2c4487f728ad3355d6e50e0e20f5777c21
SSDEEP

3072:0hTeXfSPN6JC83ktfO/G2q/rqyvwa8RrE1msQdMQH+WrYrcD1GRC1RBQdNUY3z:vXaP7VmGrm6sE12H+M1nodNU8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
140a430a6516df52865a32df97fef968_JaffaCakes118

Files

140a430a6516df52865a32df97fef968_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f0698059bcbfb45f033c7b8c2557fb0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Magej\Any\usag\Tus\ocojege\Jufakax\ujyro\Met\omin\Kononol\Iwo\ecevat\Gafegu.pdb

Imports

user32

SetWinEventHook
ScreenToClient
SystemParametersInfoA
FrameRect
ClientToScreen
GetClassInfoExA
EnumWindows
CallNextHookEx
GetWindowLongA
CreateWindowExA
DefWindowProcA
ReleaseDC
SetClipboardData
DestroyWindow
SendMessageA
IsClipboardFormatAvailable
SendDlgItemMessageA
CheckRadioButton
SetForegroundWindow
GetWindowTextLengthA
RegisterClassExA
UnhookWinEvent

ole32

CoRevokeClassObject
CoInitialize
OleUninitialize
OleInitialize

oleacc

AccessibleObjectFromPoint
GetOleaccVersionInfo
WindowFromAccessibleObject

oleaut32

OleTranslateColor
OleCreatePropertyFrameIndirect
OleIconToCursor

kernel32

FatalAppExitA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
ReadFile
SetEndOfFile
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetTimeZoneInformation
CreateFileA
FlushFileBuffers
SetStdHandle
IsBadWritePtr
VirtualAlloc
GetOEMCP
GetACP
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCPInfo
GetDateFormatA
GetTimeFormatA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
VirtualQuery
InterlockedExchange
HeapSize
HeapReAlloc
GetSystemInfo
ExpandEnvironmentStringsA
GetVolumeInformationA
GetCurrentThread
DuplicateHandle
PeekNamedPipe
GetExitCodeProcess
GetEnvironmentVariableA
ResetEvent
FindFirstChangeNotificationA
DeleteFileA
OpenMutexA
CreateMutexA
SetEvent
GetCurrentProcess
LoadLibraryA
CreateProcessA
WriteConsoleW
VirtualProtect
AddAtomA
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetStartupInfoA
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TlsAlloc
SetLastError
GetCurrentThreadId
GetLastError
TlsFree
TlsSetValue
TlsGetValue
HeapFree
CloseHandle
WriteFile
SetFilePointer
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
HeapAlloc
RtlUnwind

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f0698059bcbfb45f033c7b8c2557fb0c

Headers

File Characteristics

PDB Paths

Imports

user32

ole32

oleacc

oleaut32

kernel32

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 88KB - Virtual size: 400KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 88KB - Virtual size: 400KB