180ca74a139a98c3ca275068675aacbe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

180ca74a139a98c3ca275068675aacbe_JaffaCakes118
Size

20KB
MD5

180ca74a139a98c3ca275068675aacbe
SHA1

a393355c11750c29d44da656d41b3956884e0241
SHA256

f6b8821db1dd8da445ddf5657883acd379c640c0b7889f764e5ef7ac41e32268
SHA512

a2f201b0cbbc26aa6450844acbbb312cdf2924c1eac1e435b30e3989efeb928fd8639f8fedb24e9577d161a772edd705e0d414620f0c03196290cbd167162257
SSDEEP

384:FGxQBRw4uF17rv6WqrezNWxf6i5o7Ia4L9eYHdOyfvXsVMX/MZqxNlbLT07U+s:FTwd17rvbqrezwzo7IaMeuO7MX/aqxNm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
180ca74a139a98c3ca275068675aacbe_JaffaCakes118

Files

180ca74a139a98c3ca275068675aacbe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fd262bbfd2804a515dff52a60f60b056

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCmpW

user32

IsDlgButtonChecked
GetDlgItem
SetWindowLongW
SetWindowPos
CharNextW
UnregisterClassA
CheckRadioButton
EnableWindow
GetWindowRect
SendMessageW
ShowWindow
CheckDlgButton

oleacc

AccessibleObjectFromWindow
AccessibleObjectFromEvent

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc

kernel32

Sleep
GetACP
lstrlenW
CreateProcessA
GetProcAddress
CloseHandle
LocalAlloc
IsDebuggerPresent
GetCurrentThreadId
HeapFree
LockResource
LoadLibraryW
InterlockedExchange
GetSystemDirectoryW
MultiByteToWideChar
GetCurrentProcessId
HeapAlloc
GetModuleFileNameW
GetCurrentProcess
LoadLibraryExW
DisableThreadLibraryCalls
DeleteCriticalSection
GetTempFileNameA
FindResourceW
InterlockedCompareExchange
lstrcmpiW
GetModuleHandleW
SetUnhandledExceptionFilter
RaiseException
LeaveCriticalSection
LoadResource
QueryPerformanceCounter
TerminateProcess
GetProcessHeap
GetTickCount
EnterCriticalSection
GetLastError
GetTempPathA
GetVersionExA
VirtualProtect
GetLocaleInfoA
LoadLibraryA
GetSystemTimeAsFileTime
GetThreadLocale
InitializeCriticalSection
UnhandledExceptionFilter
VirtualAlloc
SizeofResource

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegSetValueExW
RegCloseKey
RegOpenKeyExA
RegEnumKeyExW
RegQueryValueExW
RegQueryValueExA
RegDeleteValueW

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 512B - Virtual size: 293B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fd262bbfd2804a515dff52a60f60b056

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

user32

oleacc

ole32

kernel32

advapi32

Sections

.text Size: 3KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 4KB

.data Size: 11KB - Virtual size: 80KB

.debug Size: 512B - Virtual size: 293B

.text
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 4KB

.data
Size: 11KB - Virtual size: 80KB

.debug
Size: 512B - Virtual size: 293B