16bd67430b77a58d49a873471c9b1700_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16bd67430b77a58d49a873471c9b1700_JaffaCakes118
Size

160KB
MD5

16bd67430b77a58d49a873471c9b1700
SHA1

ad1bbc4d2dac3e990b7a09c7e3d578151cc2b322
SHA256

dfb69af93776745da20440e6d4c205b5680177b729e873571866041c8f0bcd02
SHA512

62df26d617c92fe0536e004ed00e35e65bae2c26a4fe6cc625e72bac880e6f5db76730b2982629dddaedf5b407fbd4daa5ecae28f8a33b1e1e30a268de94ed75
SSDEEP

3072:Nz1ha8qHYYTYmPM8hnoFYLedUNpjmsF9tPaDZ0:NzXlUXhnVLJTn9tPl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16bd67430b77a58d49a873471c9b1700_JaffaCakes118

Files

16bd67430b77a58d49a873471c9b1700_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05c17dd3c572c30b1e9f046dddbd6dfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_XcptFilter
wcsncmp
memset
malloc
_commit
time
__set_app_type
__wgetmainargs
_unlock
_itow
_stat
_snprintf
exit
wcschr
_itow
malloc
_unlock
__p__commode
rand
srand
_errno

shlwapi

StrCmpICA
SHStrDupA
StrFormatByteSizeA
PathIsContentTypeA

kernel32

SetHandleCount
FreeLibrary
VirtualAlloc
HeapAlloc
GetStringTypeW
SetErrorMode
SetEvent
ExitThread
VirtualFree
GetDiskFreeSpaceA
GetProcAddress
GetLastError
GetStdHandle
ResetEvent
FindResourceA
GetThreadLocale
GlobalAddAtomA
DeleteFileA
LocalAlloc
GlobalDeleteAtom
CreateThread
Sleep
GetStartupInfoA
GetCurrentProcessId
LoadLibraryA
CreateEventA
CreateFileA
SetThreadLocale
GetCurrentThreadId
GetFileType
DeleteCriticalSection
RaiseException
VirtualQuery
LoadResource
InitializeCriticalSection
MoveFileExA
GlobalAlloc
GetEnvironmentStrings
lstrcpynA
GetVersionExA
GetFileAttributesA
GetLocaleInfoA
GetFileSize
SetFilePointer
ReadFile
GetProcessHeap
ExitProcess
GetCurrentThread
LoadLibraryExA
EnterCriticalSection
CloseHandle
SetEndOfFile
GetCommandLineA
FormatMessageA
LocalFree
GetLocalTime
MoveFileA
CompareStringA
GetStringTypeA
GetSystemDefaultLangID
LockResource
MulDiv
GetACP
SetLastError
lstrlenA
SizeofResource
lstrcmpA
WideCharToMultiByte
lstrcmpiA
GlobalFindAtomA
GetUserDefaultLCID
WriteFile
GetDateFormatA
GetFullPathNameA
FindFirstFileA
lstrcatA
FindClose
FreeResource

ole32

ReleaseStgMedium
CoDisconnectObject
CreateOleAdviseHolder
CoFreeUnusedLibraries
CoCreateGuid
OleCreateStaticFromData

gdi32

CreateCompatibleDC
GetPaletteEntries
CreateDIBSection
SelectObject
GetClipBox
CreateDIBSection
CreatePenIndirect
CreateBitmap
SaveDC
GetPaletteEntries
CreateCompatibleBitmap
GetClipBox
SelectPalette
CreateDIBitmap

advapi32

RegDeleteKeyA

shell32

DragQueryFileA
SHGetFileInfoA
SHGetDiskFreeSpaceA
SHFileOperationA

user32

EndPaint
IsDialogMessageA
CharToOemA
SetTimer
GetPropA
EnableMenuItem
GetDlgItem
ClientToScreen
IsWindowVisible
DefWindowProcA
DrawMenuBar
SetWindowLongA
GetCapture
FindWindowA
DeferWindowPos
GetScrollPos
GetMenu
CreatePopupMenu
EnumThreadWindows
DefFrameProcA
CallWindowProcA
SystemParametersInfoA
GetCursorPos
GetIconInfo
GetMenuState
GetSysColor
MessageBoxA
IsWindowEnabled
GetClassInfoA
DrawFrameControl
GetFocus
EndDeferWindowPos
SetWindowTextA
GetKeyState
GetMessagePos
GetMenuStringA
IsMenu
FillRect
EqualRect
DefWindowProcA
DrawFrameControl
IsMenu
CharToOemA
GetMenuItemInfoA
GetWindow
TrackPopupMenu
BeginPaint
CallNextHookEx
DeferWindowPos
EndPaint
IsWindowEnabled
GetWindowTextA
GetActiveWindow
SetWindowPos
CheckMenuItem
EnableScrollBar
FillRect
GetMessagePos
BeginDeferWindowPos
DispatchMessageA
MessageBoxA
GetMenuState
RegisterClassA
SetTimer
GetPropA
GetDlgItem
SetCursor
GetCursor
GetIconInfo
GetDC
GetDCEx
GetKeyNameTextA
GetClassLongA
ShowScrollBar

version

GetFileVersionInfoA
VerQueryValueA

comdlg32

FindTextA

Sections

.CODE
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05c17dd3c572c30b1e9f046dddbd6dfb

Headers

File Characteristics

Imports

msvcrt

shlwapi

kernel32

ole32

gdi32

advapi32

shell32

user32

version

comdlg32

Sections

.CODE Size: 11KB - Virtual size: 10KB

.data Size: 5KB - Virtual size: 105KB

.edata Size: 139KB - Virtual size: 139KB

BSS Size: 2KB - Virtual size: 1KB

INIT Size: 1KB - Virtual size: 1KB

.CODE
Size: 11KB - Virtual size: 10KB

.data
Size: 5KB - Virtual size: 105KB

.edata
Size: 139KB - Virtual size: 139KB

BSS
Size: 2KB - Virtual size: 1KB

INIT
Size: 1KB - Virtual size: 1KB