4056ab0cea22a545b80223faa4a323d6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4056ab0cea22a545b80223faa4a323d6_JaffaCakes118
Size

5.4MB
MD5

4056ab0cea22a545b80223faa4a323d6
SHA1

a2d20bbf1489de01f10e0afb5d34d4c5cb8702c1
SHA256

97754af175ce14a2bd535ca41c3d8d179fedcac36720dadfad793daa5116e751
SHA512

33a722360582940daa53f4ec7e18c4afb2baba88e829fe87da95a1ee2f9623e3a78faf5eb43a9cc2868489c011951a2382bdfa0385bd56be0816f895f4371b1f
SSDEEP

98304:f3C7COW4WTlgTaNDn4od92DWUkZHg6rGdwgkKnm/6rQlL:/HYWZh74oP2DWUkZHabS6rQJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4056ab0cea22a545b80223faa4a323d6_JaffaCakes118

Files

4056ab0cea22a545b80223faa4a323d6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e61aeb9ad537db4700dd3ed67e6de7bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GetProfileStringA
CreateFileA
GlobalReAlloc
GetTimeZoneInformation
FindFirstFileA
_llseek
GetModuleHandleW
CloseHandle
GetStartupInfoA
CreateFileMappingA
GetModuleFileNameA
GlobalSize
VirtualFree
_lcreat
_lread
_lopen
SetFilePointer
FindNextFileA
SetCurrentDirectoryA
MoveFileA
FileTimeToLocalFileTime
GetSystemTime
GetCurrentThreadId
GetSystemTimeAsFileTime
GetCurrentProcess
SetUnhandledExceptionFilter
GetSystemDefaultUILanguage
SearchPathA
GetTempPathA
CreateDirectoryA
GetSystemWindowsDirectoryA
lstrcmpiA
GetModuleHandleA
LoadLibraryA
FreeLibrary
GetProcAddress
GetUserDefaultLCID
MulDiv
lstrcpynA
lstrcpyA
LocalAlloc
LocalFree
lstrcatA
GetLocaleInfoA
GetLastError
CopyFileExA
MultiByteToWideChar
lstrlenA

user32

TranslateAcceleratorA
GetMessageA
SetMessageQueue
SetCapture
InflateRect
FrameRect
ClientToScreen
SetCursor
SetWindowPos
GetMonitorInfoA
MonitorFromPoint
GetMessagePos
ChildWindowFromPoint
EndPaint
BeginPaint
GetSysColorBrush
PeekMessageA
GetFocus
KillTimer
wsprintfA
CallWindowProcA
PostMessageA
GetParent
GetClientRect
SetDlgItemTextA
GetWindowLongA
GetDlgItemTextA
GetWindowTextLengthA
IsWindowEnabled
EndDialog
SetWindowLongA
SetFocus
EnableWindow
GetDlgItem
SendDlgItemMessageA
CharNextA
CharPrevA
WinHelpA
CharLowerA
GetSysColor
InvertRect
SetRect
GetActiveWindow
LoadStringA
CharUpperA
GetDesktopWindow
MessageBoxA
LoadBitmapA
PtInRect
ShowScrollBar
InvalidateRgn
UpdateWindow
ReleaseDC
GetDC
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ScreenToClient
CharNextW
RegisterClassExA
LoadIconA
LoadImageA
IsRectEmpty
SetRectEmpty
SystemParametersInfoA
IsClipboardFormatAvailable

gdi32

LineTo
MaskBlt
MoveToEx
PatBlt
PlayEnhMetaFile
Polyline
RealizePalette
RectVisible
GetWinMetaFileBits
Rectangle
ResizePalette
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
LPtoDP
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetEnhMetaFileBits
SetMapMode
SetPaletteEntries
SetPixel
SetROP2
SetStretchBltMode
SetTextColor
SetViewportOrgEx
SetWinMetaFileBits
SetWindowOrgEx
StartDocW
StartPage
StretchBlt
StretchDIBits
UnrealizeObject
IntersectClipRect
SetBkColor
GetTextExtentPointW
GetTextMetricsW
GetWindowOrgEx

advapi32

RegCloseKey
RegOpenKeyExA

shell32

SHGetSpecialFolderPathA

ole32

OleDraw
OleSetMenuDescriptor
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
ProgIDFromCLSID
StringFromCLSID
CoCreateInstance
CoGetClassObject
CoUninitialize
IsAccelerator
CoInitialize

msvcrt

_strcmpi
strncpy
_stricmp
_fullpath
atol
_exit
strncmp
_itoa
isspace
memmove
strtol

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e61aeb9ad537db4700dd3ed67e6de7bd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

msvcrt

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 320KB

.adata Size: 3.9MB - Virtual size: 3.9MB

.tls Size: 4KB - Virtual size: 4KB

.rsrc Size: 104KB - Virtual size: 103KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 320KB

.adata
Size: 3.9MB - Virtual size: 3.9MB

.tls
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 104KB - Virtual size: 103KB