17afa67ceb69b6d56fa533a92750ac26_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

17afa67ceb69b6d56fa533a92750ac26_JaffaCakes118
Size

47KB
MD5

17afa67ceb69b6d56fa533a92750ac26
SHA1

b4e6e6eeb94635d24bd0d9b173ecec2933103c4e
SHA256

9b0a1f46d96ba54a49bab0a446f95a69006745d2159ebcc2442eb2c8e378ed32
SHA512

2c6a9af464922ecc3f2af2c142ef7303d665466a33c674547fd4ced6f948f7d1ad8e5df5825355b8f32fb31d41d52e50fa570d2622ba602a06cad9b789ddfba4
SSDEEP

768:JaekWxvyMdzmWtjS0URAdBEzno0z3BCUAVLs:Jjnx8WtjHZdwoKAVLs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17afa67ceb69b6d56fa533a92750ac26_JaffaCakes118

Files

17afa67ceb69b6d56fa533a92750ac26_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e80387adb3a3d4cc892349a23ce9c1cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyA
RegCloseKey
RegDeleteValueA
RegQueryValueA
RegSetValueA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
RegOpenKeyA
RegSetValueExA
RegCreateKeyExA

user32

CallWindowProcA
BeginPaint
SendMessageA
GetWindowLongA
GetClientRect
EndPaint
GetWindowTextA
SetWindowTextA
InvalidateRect
UpdateWindow
PostMessageA
GetWindowRect
SystemParametersInfoA
GetSystemMetrics
SetWindowPos
EndDialog
GetDlgItem
SetWindowLongA
GetSysColor
SetForegroundWindow
MessageBoxA
LoadStringA
DialogBoxParamA
wsprintfA
GetDesktopWindow

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc

gdi32

SelectObject
GetTextColor
GetBkColor
SetTextColor
SetBkColor
GetTextExtentPoint32A
ExtTextOutA

kernel32

GetStringTypeW
GetStringTypeA
RtlUnwind
VirtualFree
HeapAlloc
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapFree
ReadFile
GetLastError
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetFilePointer
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
SetEndOfFile
HeapCreate
lstrlenA
GetModuleFileNameA
GetACP
CreateThread
ResumeThread
SuspendThread
lstrcmpA
GetShortPathNameA
lstrcatA
lstrcpyA
WaitForSingleObject
DeleteFileA
lstrcmpiA
RemoveDirectoryA
MulDiv
FreeLibrary
GetProcAddress
LoadLibraryA
SetPriorityClass
GetCurrentProcess
GetCurrentThread
SetThreadPriority
CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetTempPathA
ExitProcess
TerminateProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetCPInfo
GetOEMCP
WideCharToMultiByte

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e80387adb3a3d4cc892349a23ce9c1cb

Headers

File Characteristics

Imports

advapi32

user32

shell32

gdi32

kernel32

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 4KB