542af9c56fbaf42bbe3bd1697948a70a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

542af9c56fbaf42bbe3bd1697948a70a_JaffaCakes118
Size

22KB
MD5

542af9c56fbaf42bbe3bd1697948a70a
SHA1

b0ed0d9b22fea54d2fe763409699e7cc4819323b
SHA256

19c80a01c88fdbad6420c6d773b4cdc2c14ed29821021e3e001428727948abd9
SHA512

3495411606138047ed39cff8f81c1030f200d042684d7defca3cafdc2348164143cd75f6293acc0536b64f790916d1e1b657735319ad0bfe558fe05c310be3c9
SSDEEP

384:jYptRdJRusCxaLM5a2iEzrDOhg3HDVyCFeIWEud9oeOqe2uML0ycvBZulJeomHdi:jYptRdJIstI5a2iEzrDOhgXDEpEud9Jz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
542af9c56fbaf42bbe3bd1697948a70a_JaffaCakes118

Files

542af9c56fbaf42bbe3bd1697948a70a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b59561e62cf2f0dbbdaf26d9598c3d96

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ShowHideMenuCtl

shell32

SHGetFileInfoW
ExtractIconW
Shell_NotifyIconW
ShellExecuteW

comdlg32

GetFileTitleW

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

kernel32

Sleep
HeapFree
GlobalFree
MulDiv
GetSystemInfo
GetCurrentProcessId
LockFile
HeapReAlloc
FindNextFileW
UnlockFile
GlobalUnlock
DeleteFileW
GetShortPathNameW
CreateEventW
GetFileSize
FormatMessageW
LocalAlloc
WideCharToMultiByte
FindFirstFileW
GetStringTypeExW
GetLastError
lstrcmpiW
ReadFile
GetVersionExW
lstrlenW
EnterCriticalSection
TerminateProcess
SetLastError
GetUserDefaultLCID
WaitForSingleObject
FlushFileBuffers
GetFileAttributesA
TlsGetValue
CreateFileW
LoadLibraryA
HeapAlloc
ResetEvent
SizeofResource
GetProcessHeap
SetEndOfFile
GlobalReAlloc
SetFilePointer
FindResourceW
LeaveCriticalSection
LoadResource
LockResource
lstrlenA
GlobalAlloc
GetThreadLocale
GetFullPathNameW
VirtualAlloc
GetVolumeInformationW
CreateProcessW
GetCurrentProcess
DuplicateHandle
WriteFile
lstrcpyA
MoveFileW
GetFileAttributesW
GetModuleFileNameW
GlobalSize
CopyFileW
CloseHandle

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveExtensionW

user32

GetClientRect
GetMenuStringW
SetActiveWindow
UnhookWindowsHookEx
WaitForInputIdle
GetDlgItemTextW
SetScrollRange
GetWindowDC
GetClassInfoW
GetDesktopWindow
SetPropW
CallWindowProcW
ValidateRect
MessageBoxW
CheckMenuItem

advapi32

RegSetValueW
RegOpenKeyA
RegCreateKeyA
RegSetValueExW
RegCreateKeyW
RegDeleteValueW
RegSetValueExA
RegDeleteKeyW
RegNotifyChangeKeyValue
RegQueryValueExA
RegEnumValueW
RegCloseKey
RegOpenKeyW
RegOpenKeyExW
RegDeleteKeyA
RegCreateKeyExW
RegOpenKeyExA
RegEnumKeyW
RegQueryValueExW

ws2_32

WSAGetLastError

Sections

.data
Size: 7KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b59561e62cf2f0dbbdaf26d9598c3d96

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

shell32

comdlg32

version

oleacc

kernel32

shlwapi

user32

advapi32

ws2_32

Sections

.data Size: 7KB - Virtual size: 80KB

.reloc Size: 512B - Virtual size: 24B

.text Size: 512B - Virtual size: 476B

.rsrc Size: 5KB - Virtual size: 4KB

.rdata Size: 7KB - Virtual size: 7KB

.data
Size: 7KB - Virtual size: 80KB

.reloc
Size: 512B - Virtual size: 24B

.text
Size: 512B - Virtual size: 476B

.rsrc
Size: 5KB - Virtual size: 4KB

.rdata
Size: 7KB - Virtual size: 7KB