5325ff84923212d79f6c6a2cc6ba815e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5325ff84923212d79f6c6a2cc6ba815e_JaffaCakes118
Size

185KB
MD5

5325ff84923212d79f6c6a2cc6ba815e
SHA1

b4f49fa575efd45b840160808ba46b7d8bb5365a
SHA256

de58b7282eb1fa41c3f3d67508aa8413fb8709356321dc2d39cf1cdf35d38f0e
SHA512

03fc48a3e024c2a0419df0f685546ffc86972af9ea7e2ea146ca7bda7ebc3eefc01c56a9188d541ab14ac3fb253d94c6711489b1eda6ac2bfdef8dbfb4f2ca2f
SSDEEP

3072:iYw4bProPzWfFL2mlH5gfvSzr/IPnSUkoiQTh4yWyxRjF3phHLAln2QMpHIkdP:iYDobWdLHlH5g82nlkoiSxWmRjF3pZEI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5325ff84923212d79f6c6a2cc6ba815e_JaffaCakes118

Files

5325ff84923212d79f6c6a2cc6ba815e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

449c937fa58c1b223027a9f9d9f50df6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHEnumValueA
SHGetValueA
SHSetValueA
PathFileExistsA
PathIsDirectoryA
SHStrDupA
PathIsContentTypeA
SHDeleteValueA
SHDeleteKeyA

comdlg32

FindTextA
GetSaveFileNameA
GetFileTitleA
ChooseColorA

msvcrt

calloc
malloc
atol
clock
wcscspn
rand
log
strcmp
strlen
memcpy
wcsncmp
strncmp
mbstowcs
ceil
memmove

comctl32

ImageList_GetBkColor
ImageList_Read

kernel32

lstrcatA
WriteFile
GetLastError
Sleep
EnterCriticalSection
DeleteCriticalSection
SetFilePointer
GetACP
LockResource
ResetEvent
FindResourceA
ExitThread
GetStdHandle
GetCurrentProcessId
EnumCalendarInfoA
LocalReAlloc
GetCurrentProcess
lstrcpynA
GlobalAddAtomA
lstrcpyA
GetProcAddress
HeapDestroy
GetCommandLineA
LocalAlloc
FindFirstFileA
GetFileType
GetModuleFileNameA
lstrcmpiA
GetVersionExA
GetDiskFreeSpaceA
CreateEventA
GetCurrentThreadId
InitializeCriticalSection
LoadLibraryA
GetCPInfo
GetTickCount
CreateThread
FindClose
DeleteFileA
HeapAlloc
MoveFileExA
HeapFree
GetUserDefaultLCID
CloseHandle
GetStringTypeA
GetFileAttributesA
GetFullPathNameA
GetVersion
VirtualAllocEx
GetEnvironmentStrings
GetOEMCP
RaiseException
GetStringTypeW
LocalFree
VirtualAlloc
LoadResource
SetErrorMode
FormatMessageA
SetEndOfFile
LoadLibraryExA
GlobalAlloc
GetFileSize
lstrlenA
SetEvent
ReadFile
MoveFileA
GetLocalTime
GetStartupInfoA
GetSystemDefaultLangID
WideCharToMultiByte
VirtualQuery
WaitForSingleObject
GetCurrentThread
lstrcmpA
SetThreadLocale
GlobalDeleteAtom
GetModuleHandleA
GetDateFormatA
CompareStringA
GetProcessHeap
ExitProcess
GetLocaleInfoA
VirtualFree
GetThreadLocale
SizeofResource

shell32

Shell_NotifyIconA
DragQueryFileA
SHGetSpecialFolderLocation
SHGetDiskFreeSpaceA

gdi32

GetDIBColorTable
RestoreDC
CreateCompatibleBitmap
CopyEnhMetaFileA
SaveDC

user32

CallNextHookEx
SystemParametersInfoA
IsWindowVisible
CharNextA
GetMenuItemID
GetActiveWindow
GetLastActivePopup
IsChild
GetKeyNameTextA
CallWindowProcA
EqualRect
FrameRect
GetClassInfoA
DispatchMessageA
GetDC
EndDeferWindowPos
GetForegroundWindow
CreateWindowExA
SetWindowTextA
GetScrollPos
GetScrollRange
CharLowerBuffA
GetMessagePos
DrawIconEx
MessageBoxA
GetSubMenu
DrawFrameControl
EnableScrollBar
RegisterClassA
EnumThreadWindows
GetDesktopWindow
GetClassLongA
CheckMenuItem
TrackPopupMenu
GetMenuItemCount
GetFocus
BeginDeferWindowPos
IsMenu
DefMDIChildProcA
GetScrollInfo
ClientToScreen
GetSysColor
GetClipboardData
IsWindowEnabled
FillRect
GetMenuItemInfoA
EnableWindow
CreateIcon
EnumChildWindows
GetWindow
GetMenu
DrawEdge
EnableMenuItem
DrawMenuBar
BeginPaint
GetKeyState
DrawIcon
CreatePopupMenu
DefWindowProcA
GetPropA
EnumWindows
CharToOemA
SetWindowLongA
FindWindowA
GetMenuState
GetSysColorBrush
GetCursor
GetDlgItem
ShowWindow
CreateMenu
GetMenuStringA
EndPaint
DrawTextA
GetIconInfo
HideCaret
SetTimer
GetCursorPos
IsDialogMessageA
GetCapture
DispatchMessageW
DefFrameProcA
GetClientRect
GetWindowTextA
CharLowerA
SetWindowPos
GetDCEx

ole32

CoRegisterClassObject

Sections

CODE
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 512B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

449c937fa58c1b223027a9f9d9f50df6

Headers

File Characteristics

Imports

shlwapi

comdlg32

msvcrt

comctl32

kernel32

shell32

gdi32

user32

ole32

Sections

CODE Size: 54KB - Virtual size: 53KB

.rdata Size: 127KB - Virtual size: 127KB

.init Size: 512B - Virtual size: 60KB

.bss Size: 1KB - Virtual size: 1KB

CODE
Size: 54KB - Virtual size: 53KB

.rdata
Size: 127KB - Virtual size: 127KB

.init
Size: 512B - Virtual size: 60KB

.bss
Size: 1KB - Virtual size: 1KB