51f49fa2d048e334588ac11d711e22ef_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

51f49fa2d048e334588ac11d711e22ef_JaffaCakes118
Size

111KB
MD5

51f49fa2d048e334588ac11d711e22ef
SHA1

03956b45aa2aa1412a4b831c906a41c1a51fd787
SHA256

f3cddfda09af6e6964929ca0864c7aaa4770c47d1bfab8bad530176f94b6cf50
SHA512

a88728a534204d076f5e5f343e2caa85698bf969544e776cffe96024346dfb128092129ead05b71964d1de0d7139aa45b37ffc999971c35417e5a2be2fbbc3f7
SSDEEP

1536:sFlX2AKQpKRxL/VbUFNUrRwlUPWoidPvVoMOiFuD1uFB3cpKoTW7bi0:2XxKQpKJ4MROUOTVoPsnFB3XoTubi0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51f49fa2d048e334588ac11d711e22ef_JaffaCakes118

Files

51f49fa2d048e334588ac11d711e22ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8189989a4cea6d12bac2f4d1903d1c9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleRun
CLSIDFromString
WriteClassStm
CoCreateInstanceEx
CoRegisterClassObject

user32

PeekMessageA
GetWindow
ShowWindow
SetWindowPlacement
IsDialogMessageA
DrawIcon
GetMenu
RegisterClassA
IntersectRect
DefMDIChildProcA
GetClipboardData
DispatchMessageW
OpenClipboard
wsprintfA
DestroyWindow
GetWindowRect
ChildWindowFromPoint
SetCursor
GetPropA
ScrollWindow
MoveWindow
GetSubMenu
GetKeyState
GetActiveWindow
SetWindowLongA
DestroyIcon
KillTimer
UnhookWindowsHookEx
EnumChildWindows
ReleaseDC
GetCursorPos
GetMessagePos
CheckMenuItem
SetForegroundWindow
DeleteMenu
GetScrollPos
ClientToScreen
LoadKeyboardLayoutA
GetWindowDC
DrawAnimatedRects
GetScrollRange
MessageBoxA
LoadIconA
CharLowerBuffA
CreateWindowExA
LoadCursorA
GetCursor
RemovePropA
InsertMenuA
GetMenuState
GetScrollInfo
GetIconInfo
InflateRect
InvalidateRect
MessageBeep
SetTimer
SetWindowPos
SetPropA
GetClientRect
EnableWindow
RedrawWindow
GetSysColorBrush
DrawTextA
CharToOemA
SetCapture
GetKeyboardState
SetWindowTextA
RegisterWindowMessageA
DestroyCursor
ShowOwnedPopups
BeginPaint
SetWindowLongW
GetClassLongA
IsRectEmpty
OemToCharA
DefWindowProcA
GetClassNameA
LoadStringA
GetWindowPlacement
PostMessageA
IsWindowVisible
CallNextHookEx
IsZoomed
DrawFrameControl
SetClipboardData
GetDCEx
TranslateMessage
SetWindowsHookExA
RegisterClipboardFormatA
GetKeyNameTextA
EnableScrollBar
SetScrollInfo
IsWindowUnicode
TranslateMDISysAccel
SetScrollPos
GetSystemMenu
AdjustWindowRectEx
GetDlgItem
OffsetRect
DestroyMenu
FillRect
GetLastActivePopup
FrameRect
ReleaseCapture
DefFrameProcA
IsIconic
CharUpperBuffA
SetScrollRange
GetClassInfoA
DispatchMessageA
ShowScrollBar
GetMenuItemCount
GetFocus
EmptyClipboard
CharNextA
GetSystemMetrics
PtInRect
GetWindowLongA
MapWindowPoints
GetDC
CreateIcon
PostQuitMessage
WaitMessage
GetCapture
GetWindowLongW
WindowFromPoint
SetMenuItemInfoA
GetForegroundWindow

gdi32

SelectObject
SetBkColor
BitBlt
GetObjectA
CreateDIBSection
GetDIBColorTable
CreateCompatibleBitmap
SetPixel

oleaut32

SysAllocStringLen
SysStringLen
VariantChangeType
RegisterTypeLib
SafeArrayPtrOfIndex
OleLoadPicture
SafeArrayGetElement

comdlg32

ChooseColorA

kernel32

SetLastError
GetCPInfo
lstrcpynA
GlobalAlloc
GlobalFindAtomA
GetTickCount
MulDiv
LoadLibraryExA
RaiseException
GetModuleHandleA
GetProcAddress
GetThreadLocale
MoveFileExA
CompareStringA
GetFileSize
GetDateFormatA
GetProcessHeap
ExitThread
LockResource
LoadLibraryA
LocalReAlloc
GetFileAttributesA
VirtualFree
GetStdHandle
FindClose
SizeofResource
Sleep
SetHandleCount
FormatMessageA
MoveFileA
LoadResource
InitializeCriticalSection
LocalAlloc
FindFirstFileA
GetModuleFileNameA
SetEvent
VirtualAllocEx
lstrcmpiA
DeleteFileA
GetLocalTime
FreeLibrary
GetStringTypeW
VirtualQuery
lstrcatA
GetSystemDefaultLangID
GlobalAddAtomA
GetCurrentThreadId
GetLastError
lstrcmpA
HeapAlloc
GetStringTypeA
GetUserDefaultLCID
EnumCalendarInfoA
ResetEvent
WideCharToMultiByte
CreateThread
GetCommandLineA
SetFilePointer
GetCurrentThread
lstrlenA
WriteFile
CreateFileA
FreeResource
HeapDestroy
GetLocaleInfoA
SetEndOfFile

msvcrt

log
memcpy
memmove
asin
mbstowcs

advapi32

RegEnumKeyA
RegEnumKeyExA
RegQueryValueExA
RegCreateKeyA

shell32

SHFileOperationA
SHGetFolderPathA
SHGetFileInfoA
SHGetDiskFreeSpaceA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 623B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 314B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8189989a4cea6d12bac2f4d1903d1c9f

Headers

File Characteristics

Imports

ole32

user32

gdi32

oleaut32

comdlg32

kernel32

msvcrt

advapi32

shell32

Sections

.text Size: 32KB - Virtual size: 31KB

.idata Size: 1024B - Virtual size: 623B

.edata Size: 76KB - Virtual size: 75KB

.data Size: 512B - Virtual size: 314B

.text
Size: 32KB - Virtual size: 31KB

.idata
Size: 1024B - Virtual size: 623B

.edata
Size: 76KB - Virtual size: 75KB

.data
Size: 512B - Virtual size: 314B