445fef9a8a65f167678adf61c5e3901f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

445fef9a8a65f167678adf61c5e3901f_JaffaCakes118
Size

94KB
MD5

445fef9a8a65f167678adf61c5e3901f
SHA1

8511d23c877ae47193fbcd7d7c4c7dfbe9354130
SHA256

ea3253e79844116259bae34500d234047097858086127681735704aa5e1b2d3b
SHA512

d996f822f63aaab84ebd8dcf4421bb07bafd366b15f05b8a19412976471232b8807cd995521cc88e505697caa6453385db45eeaa4d89bdb6a97bccd3fcb5155f
SSDEEP

1536:NbjwlBMbBgOMYz8YmUurw4947plq0FEiwn64Q5QPFG7xWVAeqyzFVkxYZf7G3b4:NkS8rw4948ni5QPFG7xqAdc3RZTG3b4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
445fef9a8a65f167678adf61c5e3901f_JaffaCakes118

Files

445fef9a8a65f167678adf61c5e3901f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a83d333bb94ee0baf8d8b2ae15f2b0df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
GetModuleHandleA
GetModuleFileNameA
MoveFileExA
GetCurrentProcess
GetStartupInfoA
GetStringTypeW
GlobalAddAtomA
ReadFile
LoadLibraryExA
GetStdHandle
ResetEvent
GetCurrentProcessId
EnterCriticalSection
ExitThread
FormatMessageA
GetCurrentThread
SetFilePointer
Sleep
WriteFile
GetDateFormatA
GetUserDefaultLCID
GetACP
GetFileSize
lstrlenA
FindFirstFileA
LocalAlloc
VirtualFree
SetEvent
VirtualAllocEx
CreateEventA
GetFullPathNameA
FindResourceA
GetSystemDefaultLangID
CloseHandle
DeleteCriticalSection
GetDiskFreeSpaceA
LocalFree
VirtualQuery
WaitForSingleObject
SetHandleCount
SetErrorMode
lstrcpyA
CompareStringA
CreateFileA
lstrcpynA
GetCurrentThreadId
GetLocalTime
GetVersionExA
VirtualAlloc
GetLastError
EnumCalendarInfoA
GetTickCount
GetOEMCP
FreeResource
HeapAlloc
SizeofResource
ExitProcess

version

VerQueryValueA
GetFileVersionInfoA
VerInstallFileA

shlwapi

SHQueryInfoKeyA
SHDeleteKeyA
PathFileExistsA
SHStrDupA
PathIsContentTypeA
SHEnumValueA
SHGetValueA
PathIsDirectoryA
PathGetCharTypeA
SHSetValueA

ntdll

atol

oleaut32

SysStringLen
RegisterTypeLib
GetErrorInfo
SafeArrayPtrOfIndex
VariantChangeType

shell32

SHGetDesktopFolder
SHGetFolderPathA
SHGetDiskFreeSpaceA
SHFileOperationA

comctl32

ImageList_Write
ImageList_DrawEx
ImageList_Create
ImageList_Add
ImageList_Destroy
ImageList_DrawEx
ImageList_Add
ImageList_Remove
ImageList_GetBkColor

msvcrt

memcpy
srand
wcschr
strlen
memmove
rand
time
mbstowcs
sprintf
atol
malloc
memset
wcstol
calloc
tolower
swprintf
exit
sqrt
wcscspn

user32

CallWindowProcA
GetScrollPos
GetClassInfoA
CreateIcon
RegisterClassA
GetLastActivePopup
GetFocus
EnumThreadWindows
GetMessagePos
BeginPaint
SetCursor
CheckMenuItem
GetDC
GetParent
ClientToScreen
ShowScrollBar
GetKeyNameTextA
GetScrollInfo
EnableWindow
TrackPopupMenu
SetWindowLongA
DrawEdge
IsWindowEnabled
GetForegroundWindow
GetCapture
GetIconInfo

comdlg32

ChooseColorA
GetSaveFileNameA
GetOpenFileNameA

gdi32

CreatePenIndirect
CreateBitmap

ole32

CoGetObjectContext

advapi32

RegOpenKeyExA
RegQueryInfoKeyA

Sections

CODE
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a83d333bb94ee0baf8d8b2ae15f2b0df

Headers

File Characteristics

Imports

kernel32

version

shlwapi

ntdll

oleaut32

shell32

comctl32

msvcrt

user32

comdlg32

gdi32

ole32

advapi32

Sections

CODE Size: 30KB - Virtual size: 30KB

.rdata Size: 55KB - Virtual size: 55KB

.data Size: 5KB - Virtual size: 4KB

.init Size: 1024B - Virtual size: 688B

.rsrc Size: 1024B - Virtual size: 571B

CODE
Size: 30KB - Virtual size: 30KB

.rdata
Size: 55KB - Virtual size: 55KB

.data
Size: 5KB - Virtual size: 4KB

.init
Size: 1024B - Virtual size: 688B

.rsrc
Size: 1024B - Virtual size: 571B