4492212b888521e720939199fa2cbca0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4492212b888521e720939199fa2cbca0_JaffaCakes118
Size

109KB
MD5

4492212b888521e720939199fa2cbca0
SHA1

942c69f0f3897aa9c002282e498363a7d831c612
SHA256

f45b91b4664277a1c5170ee2e79a37f81cd0ebcbb8e1fa667348f30327000e14
SHA512

509f87be5dff329e9e2013049a72db925510dbdf544fd2725f90ee084ddf718f3cb0ca6b6d398dccb3dc18fa327831a203f32744b087a80477e50fbc03a222a2
SSDEEP

1536:4HI5307uO/e/U2lT1k+Uyx7M+nu/hdfTCabQsF95nqUUbllhL2pvVZ1:4o5uu0e//dUyhMlhNRbxnUblr69Z1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4492212b888521e720939199fa2cbca0_JaffaCakes118

Files

4492212b888521e720939199fa2cbca0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6c7bebccc2e3ba7be88eaefffa73afa7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
VerInstallFileA

shlwapi

SHQueryValueExA
SHSetValueA
SHGetValueA
SHStrDupA
PathGetCharTypeA
SHEnumValueA
SHQueryInfoKeyA
PathFileExistsA
PathIsContentTypeA
SHDeleteKeyA

advapi32

RegQueryValueA

ole32

PropVariantClear
CoUninitialize
CoFreeUnusedLibraries
StgCreateDocfileOnILockBytes
CoCreateFreeThreadedMarshaler

kernel32

LoadLibraryA
VirtualAlloc
EnumCalendarInfoA
GetModuleHandleA
LocalAlloc

shell32

DragQueryFileA
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHGetFolderPathA

comctl32

ImageList_Destroy
ImageList_DragShowNolock
ImageList_Draw
ImageList_Create
ImageList_Add
ImageList_Write
ImageList_Read
ImageList_DrawEx
ImageList_Remove

user32

SetCursor
CharNextA
BeginDeferWindowPos
GetMenuState
GetCursorPos
CallWindowProcA
GetClassLongA
GetForegroundWindow
DrawTextA
DeferWindowPos
DrawMenuBar
EnumThreadWindows
HideCaret
EnumWindows
SetTimer
DrawFrameControl
DefMDIChildProcA
BeginPaint
DrawIcon
IsMenu
FrameRect
GetClassInfoA
GetClipboardData
GetActiveWindow
GetScrollInfo
GetFocus
GetLastActivePopup
GetMenuItemInfoA
GetMenuItemID
GetClientRect
GetScrollRange
ShowScrollBar
MessageBoxA
GetIconInfo
SystemParametersInfoA
GetDesktopWindow
ShowWindow
GetMenuItemCount
CharLowerA
EnumChildWindows
GetSysColorBrush
GetMenuStringA
IsWindowVisible
IsDialogMessageA
SetWindowPos
GetKeyNameTextA
GetPropA
GetDCEx
EndDeferWindowPos
CreateMenu
DrawIconEx
GetDlgItem
EnableWindow
GetCursor
EqualRect
DefFrameProcA
GetSubMenu
GetWindowTextA
GetWindow
CheckMenuItem
EnableMenuItem
GetDC
DefWindowProcA
GetParent
CharToOemA
RegisterClassA

msvcrt

memmove
strlen
ceil
strcmp
memcpy
srand
pow
sin

gdi32

SetBkColor
CreatePalette
RestoreDC
GetClipBox
SetBkMode
SelectPalette
GetDIBColorTable
SelectObject
BitBlt
GetRgnBox

comdlg32

ChooseColorA
FindTextA
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c7bebccc2e3ba7be88eaefffa73afa7

Headers

File Characteristics

Imports

version

shlwapi

advapi32

ole32

kernel32

shell32

comctl32

user32

msvcrt

gdi32

comdlg32

Sections

.text Size: 50KB - Virtual size: 50KB

.bss Size: 4KB - Virtual size: 3KB

.init Size: 50KB - Virtual size: 50KB

.rdata Size: 2KB - Virtual size: 2KB

.text
Size: 50KB - Virtual size: 50KB

.bss
Size: 4KB - Virtual size: 3KB

.init
Size: 50KB - Virtual size: 50KB

.rdata
Size: 2KB - Virtual size: 2KB