380d67fdd603ae8d30b8835877165027_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

380d67fdd603ae8d30b8835877165027_JaffaCakes118
Size

84KB
MD5

380d67fdd603ae8d30b8835877165027
SHA1

41b7b9850d9e562b7425a9f7bf77951e704374c9
SHA256

fca6a6469f1c284b19a1dabbc66a0ed613cddf841164e65de7a546dbe6860ca4
SHA512

45ca3443955f7b7d7e8c3d62a15a119ce6e711ef0498b4bad0c51c20d6a96afcd5f5cb0c8757c3cf4472712c838fe14384eed164866a76eb1679f1206766f6a9
SSDEEP

1536:t4Pma6BNzBpfMmS6/yBrpGrK+ofPYam2tJDFxxDRVvh0+MW+f7OxMu+CaVIiI:GwNXqWK+OPmGJ5XtVy/fua63

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
380d67fdd603ae8d30b8835877165027_JaffaCakes118

Files

380d67fdd603ae8d30b8835877165027_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7bdd911a1f749abcc8f5991e57f73c71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomA
SetFilePointer
DeleteCriticalSection
GetFileSize
LoadLibraryExA
MulDiv
GetModuleHandleA
FreeResource
LockResource
GetStringTypeW
CompareStringA
GetLocalTime
LocalFree
SizeofResource
Sleep
VirtualAllocEx
ExitThread
SetHandleCount
GetCPInfo
LocalAlloc
VirtualAlloc
GetCurrentThread
VirtualQuery
SizeofResource
LoadResource
SetErrorMode
GetCurrentProcess
CompareStringA
GetCommandLineA
LoadLibraryExA
ExitProcess

shell32

SHGetDiskFreeSpaceA
SHGetSpecialFolderLocation
SHGetFolderPathA
SHFileOperationA
SHGetDiskFreeSpaceA
DragQueryFileA
SHGetFileInfoA

shlwapi

SHQueryInfoKeyA

msvcrt

malloc
memset
sprintf
memcpy
wcscspn
swprintf
exit
wcstol
memmove
calloc
mbstowcs
tolower
rand
_acmdln

advapi32

RegEnumKeyA
RegLoadKeyA
RegCreateKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegEnumKeyExA

version

VerInstallFileA
VerQueryValueA
VerFindFileA

user32

IsWindowVisible
EndPaint
GetPropA
DrawIconEx
CreateIcon
GetCursor
DeferWindowPos
GetCapture
FillRect
RegisterClassA
CharLowerA
MessageBoxA
FindWindowA
EnumWindows
GetWindow
EnableScrollBar
ShowScrollBar

ole32

WriteClassStm
CoDisconnectObject
CoGetObjectContext
CoUninitialize
CoTaskMemFree
CLSIDFromProgID
CoRevokeClassObject
CoCreateInstanceEx
CreateStreamOnHGlobal
StgOpenStorage

gdi32

SetPixel
CreatePenIndirect
SetBkColor
CreateBrushIndirect
GetObjectA
GetCurrentPositionEx
SetTextColor
SelectPalette
GetClipBox
GetDIBColorTable

comdlg32

GetFileTitleA
GetOpenFileNameA
FindTextA
GetSaveFileNameA

Sections

.bss
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: 47KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bdd911a1f749abcc8f5991e57f73c71

Headers

File Characteristics

Imports

kernel32

shell32

shlwapi

msvcrt

advapi32

version

user32

ole32

gdi32

comdlg32

Sections

.bss Size: 24KB - Virtual size: 24KB

BSS Size: 47KB - Virtual size: 70KB

.rdata Size: 6KB - Virtual size: 6KB

INIT Size: 1KB - Virtual size: 1KB

.edata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 571B

.bss
Size: 24KB - Virtual size: 24KB

BSS
Size: 47KB - Virtual size: 70KB

.rdata
Size: 6KB - Virtual size: 6KB

INIT
Size: 1KB - Virtual size: 1KB

.edata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 571B