17a86584d9dab4446ab4aa87b2d618e8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

17a86584d9dab4446ab4aa87b2d618e8_JaffaCakes118
Size

97KB
MD5

17a86584d9dab4446ab4aa87b2d618e8
SHA1

ac1f2909ad30898b288621d51a010b4f77ad7950
SHA256

cf340a705f6faa79f7cd5e83aac89b119fb5eebf7d3cec2ae4c59a425cf3f6d9
SHA512

f186a4e04645fa693c2d56e8f88a35fbeba4397d1953cb278883ce7c2ceadcd44d7f39f9efbed3a2bd17966801d967e385b7316e0fffec67350014a7217a0af7
SSDEEP

3072:N1SIsudy9SMag/ojlipFTBQG5i7jdxglqXs:D9e9ck2opFJ5i7Mv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17a86584d9dab4446ab4aa87b2d618e8_JaffaCakes118

Files

17a86584d9dab4446ab4aa87b2d618e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6fe943f1d9636aeeecaf674ce774c128

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcstol
time
strncmp

user32

RegisterWindowMessageA
MapVirtualKeyA
RemoveMenu
SendMessageA
LoadStringA
LoadKeyboardLayoutA
PeekMessageW
ReleaseDC
RedrawWindow
ScreenToClient
PostMessageA
ReleaseCapture
SendMessageW
PeekMessageA
LoadCursorA
RemovePropA
OpenClipboard
PostQuitMessage
OffsetRect
PtInRect
LoadBitmapA
RegisterClipboardFormatA
OemToCharA
RegisterClassA
MessageBoxA
MapWindowPoints
MessageBeep
ScrollWindow
LoadIconA
SetActiveWindow

advapi32

RegOpenKeyA
RegEnumValueA

gdi32

CreatePenIndirect
CreateFontIndirectA
GetBitmapBits
CreatePalette
CreateDIBitmap

shell32

SHGetFolderPathA
SHGetFileInfoA

ole32

OleCreateStaticFromData
CLSIDFromString
ReleaseStgMedium
CoCreateFreeThreadedMarshaler
MkParseDisplayName
CoCreateInstanceEx

kernel32

GetOEMCP
MulDiv
lstrcpyA
GetModuleHandleW
WideCharToMultiByte
lstrcpynA
SizeofResource
WaitForSingleObject
MoveFileA
LoadLibraryA
LocalFree
VirtualQuery
GetLastError
WriteFile
lstrlenA
GetProcAddress
ExitThread
GlobalAlloc
GetACP
VirtualFree
GetVersionExA
lstrcmpiA
GetCommandLineA
MoveFileExA
VirtualAlloc
HeapDestroy
IsBadReadPtr
LocalAlloc
LocalReAlloc
ExitProcess
lstrcmpA
lstrcatA
GetModuleHandleA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

shlwapi

PathIsDirectoryA
SHStrDupA
PathGetCharTypeA
SHEnumValueA
SHDeleteKeyA
SHQueryValueExA
SHSetValueA

comctl32

ImageList_Draw
ImageList_Read
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_Remove

oleaut32

VariantCopyInd
SysAllocStringLen
OleLoadPicture
GetErrorInfo
RegisterTypeLib
SafeArrayCreate
SysReAllocStringLen
SysStringLen
VariantChangeType
SafeArrayPtrOfIndex

Sections

CODE
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 593B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc3
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc7
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc6
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc2
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc9
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6fe943f1d9636aeeecaf674ce774c128

Headers

File Characteristics

Imports

msvcrt

user32

advapi32

gdi32

shell32

ole32

kernel32

version

shlwapi

comctl32

oleaut32

Sections

CODE Size: 74KB - Virtual size: 73KB

.data Size: 1024B - Virtual size: 593B

.rsrc3 Size: 2KB - Virtual size: 1KB

.rsrc7 Size: 1024B - Virtual size: 776B

.rsrc6 Size: 1KB - Virtual size: 1KB

.rsrc2 Size: 5KB - Virtual size: 4KB

.rsrc9 Size: 130KB - Virtual size: 129KB

.rsrc Size: 1024B - Virtual size: 976B

CODE
Size: 74KB - Virtual size: 73KB

.data
Size: 1024B - Virtual size: 593B

.rsrc3
Size: 2KB - Virtual size: 1KB

.rsrc7
Size: 1024B - Virtual size: 776B

.rsrc6
Size: 1KB - Virtual size: 1KB

.rsrc2
Size: 5KB - Virtual size: 4KB

.rsrc9
Size: 130KB - Virtual size: 129KB

.rsrc
Size: 1024B - Virtual size: 976B