162bf8fbbfc93ae2b044ff4766a3c34f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

162bf8fbbfc93ae2b044ff4766a3c34f_JaffaCakes118
Size

210KB
MD5

162bf8fbbfc93ae2b044ff4766a3c34f
SHA1

80f12ac00116e52919e1f2a2a3f26fb34731d8ac
SHA256

6cb7c8812bcc6b1e3ec55c3484e78a8ef0d97d5b3f4642d5369ff99d446a5e7f
SHA512

b477612ab23060707598e9950531f1350b36445cd34bf9e8b9f9c99a1d3093fbc3d944cf2ed9c71f7825b3f6d3475e97e29352cad2b5bc61cbc94ecb78730175
SSDEEP

6144:b7xbm2ovXZr6nwnkrJjA1uWuS05Nw3rlkq9xPgLO:b7xkQrJ2oEOWqC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
162bf8fbbfc93ae2b044ff4766a3c34f_JaffaCakes118

Files

162bf8fbbfc93ae2b044ff4766a3c34f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

125115444f0d0181ff7cf65b4d28d544

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLCID
ReadFile
GlobalGetAtomNameW
GetModuleFileNameA
FatalAppExitW
CreateMutexA
GetModuleHandleA
FindAtomA
GetUserDefaultLCID
OpenMutexA
GetLogicalDrives
GetTempFileNameA
Beep
ReadDirectoryChangesW
DisconnectNamedPipe
CreateSemaphoreW
OpenSemaphoreW
GetEnvironmentVariableA
CompareStringW
lstrlenA
SetPriorityClass
GetCommandLineW
GetSystemDirectoryA
GlobalGetAtomNameA
lstrcpynA
GetCPInfo
FindResourceA
OpenWaitableTimerW
QueryPerformanceCounter
EnumTimeFormatsA
SetCurrentDirectoryA
IsBadCodePtr
GetTimeFormatA
lstrcmp
GetVersion
CreateFileA
EndUpdateResourceW
SetCurrentDirectoryW
lstrcpyA
GetTimeFormatW
CopyFileExW
IsValidCodePage
GetCalendarInfoW
GetTempFileNameW
ExitProcess
GetComputerNameA
GetProcAddress
DosDateTimeToFileTime
GetSystemTime
lstrcpyW
GetSystemDefaultLangID
ExpandEnvironmentStringsW
OpenWaitableTimerA
GetCurrentProcess
CreateFileMappingA

user32

GetMessageW
SetWindowTextA
SetParent
GetClassInfoExA
GetWindowLongA
SetTimer
IsWindowEnabled
TrackPopupMenuEx
SetCursor
SendDlgItemMessageA
RegisterClassExA
GetActiveWindow
GetDlgItemTextA
CharNextW
CheckMenuRadioItem
FillRect
CreateDesktopA
CreateDialogIndirectParamA
LoadCursorW
DefDlgProcA
CreateWindowExW
InsertMenuA
GetClassLongW

gdi32

ExtCreateRegion
Ellipse
GetDeviceCaps
GetAspectRatioFilterEx
SetAbortProc
SelectBrushLocal
SetArcDirection
FloodFill
CreateDCA
GetSystemPaletteEntries
FillPath
GetCharWidthFloatW
AnimatePalette
ExtFloodFill
ExcludeClipRect

advapi32

RegReplaceKeyA
RegOpenKeyExA
RegQueryValueA
RegOpenKeyExW
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA

oleaut32

VarCyCmp
VariantChangeTypeEx
VarI4FromStr
VarUI1FromI4

inetcomm

CreatePOP3Transport
MimeOleSMimeCapsToDlg
MimeOleGetDefaultCharset
EssSecurityLabelEncodeEx
MimeOleGenerateFileName
MimeOleGetPropW
CreateIMAPTransport
MimeOleObjectFromMoniker
EssMLHistoryDecodeEx
EssSecurityLabelDecodeEx
MimeOleSetPropW
EssMLHistoryEncodeEx
MimeOleOpenFileStream
HrDoAttachmentVerb
HrSaveAttachToFile
CreateRangeList
MimeOleGenerateMID
MimeOleGetRelatedSection

sqlunirl

_SendMessage@16
_ClearEventLog_@8
_RegReplaceKey_@16
_FindExecutable_@12
_RegUnLoadKey_@8
_ShellExecute_@24
_PeekMessage@20
_lstrcpyn_@12
_ReadConsoleInput_@16
_OpenWaitableTimer_@12
_RegEnumValue_@32
_GetWindowTextLength@4

crypt32

PFXVerifyPassword
CertSerializeCRLStoreElement
CertEnumCTLContextProperties
CertAddCTLContextToStore
CertNameToStrA
CryptEncryptMessage
CryptGetKeyIdentifierProperty
RegEnumValueU
CryptVerifyMessageSignature
CryptSetOIDFunctionValue
CryptRegisterOIDFunction
CryptSIPCreateIndirectData
CryptSIPPutSignedDataMsg
CertAddEnhancedKeyUsageIdentifier
CertAddEncodedCRLToStore

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qRTHoW
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vVVua
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MCS
Size: 512B - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.SdGAP
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xa
Size: 1KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Avk
Size: 1KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.OOSv
Size: 1KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KPO
Size: 1KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

125115444f0d0181ff7cf65b4d28d544

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

oleaut32

inetcomm

sqlunirl

crypt32

Sections

.text Size: 11KB - Virtual size: 11KB

.qRTHoW Size: 2KB - Virtual size: 4KB

.vVVua Size: 2KB - Virtual size: 4KB

.MCS Size: 512B - Virtual size: 26KB

.SdGAP Size: 4KB - Virtual size: 16KB

.xa Size: 1KB - Virtual size: 17KB

.Avk Size: 1KB - Virtual size: 19KB

.data Size: 12KB - Virtual size: 11KB

.OOSv Size: 1KB - Virtual size: 33KB

.KPO Size: 1KB - Virtual size: 240KB

.rsrc Size: 169KB - Virtual size: 169KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.qRTHoW
Size: 2KB - Virtual size: 4KB

.vVVua
Size: 2KB - Virtual size: 4KB

.MCS
Size: 512B - Virtual size: 26KB

.SdGAP
Size: 4KB - Virtual size: 16KB

.xa
Size: 1KB - Virtual size: 17KB

.Avk
Size: 1KB - Virtual size: 19KB

.data
Size: 12KB - Virtual size: 11KB

.OOSv
Size: 1KB - Virtual size: 33KB

.KPO
Size: 1KB - Virtual size: 240KB

.rsrc
Size: 169KB - Virtual size: 169KB

.reloc
Size: 1KB - Virtual size: 1KB