Static task: static1
Behavioral task: behavioral1
  Sample: 169962f313b6bd1c7decc9012e1f521d_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 169962f313b6bd1c7decc9012e1f521d_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: 169962f313b6bd1c7decc9012e1f521d_JaffaCakes118
Size: 164KB
MD5: 169962f313b6bd1c7decc9012e1f521d
SHA1: 56c42d93dec1ebfb280af7b61b23886daa093e64
SHA256: 1ec8fa58a1b338aed36d9179b84d2788e99110def975a4229fa0238ea588e8c1
SHA512: 6de6c0688ea3e1db19dd48f492309289b00314c04a05bd0a78a96b75416957b48fc1171ddc31d02b92cbe6591c4908227c3fbb031c0ccf93cfd089a90ad6a97a
SSDEEP: 3072:HRd7o38Kny8wRfaczO/A1oYaWnY6PhALfpELxPxcdI:ATwRfrK/A/aA/pQfuhb
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 169962f313b6bd1c7decc9012e1f521d_JaffaCakes118
Files
169962f313b6bd1c7decc9012e1f521d_JaffaCakes118.exe windows:4 windows x86 arch:x86
d72206c09b819c39269084ff56588f04
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
ntdll: _wcsnicmp, NtWaitForSingleObject, atoi, atol, RtlDeleteCriticalSection
kernel32: FormatMessageA, WriteFile, LockResource, GetStringTypeA, VirtualAlloc, GetACP, SizeofResource, LocalAlloc, lstrcpynA, CloseHandle, WaitForSingleObject, GetStdHandle, FindClose, GetFileSize, HeapFree, GetCPInfo, WideCharToMultiByte, VirtualAllocEx, DeleteFileA, ResetEvent, HeapDestroy, VirtualQuery, GlobalAlloc, GetModuleFileNameA, lstrlenA, SetEndOfFile, GetProcessHeap, CreateEventA, EnumCalendarInfoA, FindResourceA, SetErrorMode, FreeResource, GetDateFormatA, SetThreadLocale, GetCurrentProcess, LoadLibraryA, GetUserDefaultLCID, SetEvent, GetFileType, GetEnvironmentStrings, EnterCriticalSection, LocalReAlloc, GetStartupInfoA, GetDiskFreeSpaceA, GetStringTypeW, ExitProcess, RaiseException, GetVersionExA, Sleep, GetLocaleInfoA, ExitThread, GetCurrentThread, DeleteCriticalSection, GetTickCount, CompareStringA, GlobalFindAtomA, ReadFile, GetModuleHandleA, GetFileAttributesA, GetCurrentProcessId, VirtualFree, MoveFileExA, lstrcpyA
advapi32: RegQueryValueA, RegEnumValueA
shlwapi: SHQueryValueExA, SHEnumValueA, SHSetValueA, PathGetCharTypeA
comdlg32: FindTextA, ChooseColorA
comctl32: ImageList_Draw, ImageList_Add, ImageList_Remove, ImageList_DrawEx, ImageList_GetBkColor, ImageList_Write, ImageList_DragShowNolock, ImageList_Create
version: VerQueryValueA, VerInstallFileA
user32: DefWindowProcA, CharLowerA, ShowScrollBar, CreateIcon, CreatePopupMenu, GetMenu, GetPropA, IsDialogMessageA, GetKeyState, DrawEdge, GetClientRect, FrameRect, DrawIconEx, GetClassInfoA, GetClassLongA, CharLowerBuffA, GetCapture, GetDesktopWindow, EnumChildWindows, SetWindowPos, GetWindowTextA, GetScrollPos, GetDCEx, ClientToScreen, GetActiveWindow, SetCursor, GetCursor, GetScrollRange, SetWindowLongA, GetCursorPos, GetDlgItem, GetMenuItemID, FindWindowA, SetWindowTextA, GetParent, CharToOemA, EnableScrollBar, RegisterClassA, EndPaint, DrawMenuBar, DispatchMessageW, SetTimer, CheckMenuItem, GetLastActivePopup, IsWindowEnabled, IsWindowVisible, EnumWindows, GetSysColor
msvcrt: tolower, malloc, sprintf, strlen, srand, atol, memcpy, sqrt, swprintf, time, memmove, clock, wcstol, memset, wcscspn, rand, exit, _acmdln
oleaut32: SysReAllocStringLen, OleLoadPicture, SysAllocStringLen, SafeArrayGetUBound, VariantCopyInd
ole32: CoGetMalloc, StgOpenStorage, CLSIDFromProgID
shell32: Shell_NotifyIconA, SHGetSpecialFolderLocation, SHFileOperationA, SHGetDiskFreeSpaceA, SHGetDesktopFolder
gdi32: CreateFontIndirectA, SetBkMode, CreateDIBitmap, GetDIBits, CreatePalette, GetObjectA, GetDCOrgEx
Sections
text   Size: 32KB - Virtual size: 32KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
BSS    Size: 123KB - Virtual size: 190KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ
.edata Size: 6KB - Virtual size: 5KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
INIT   Size: 2KB - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE