56cfb848ea79d5f3e2d83e9b35d85455_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

56cfb848ea79d5f3e2d83e9b35d85455_JaffaCakes118
Size

162KB
MD5

56cfb848ea79d5f3e2d83e9b35d85455
SHA1

20084bf74e6f91840e58d06e9b368bc7557d3364
SHA256

11c29f00119517b595db965a9aaa577aef068181aecfb26dbcc36a6fdf2f4285
SHA512

e8b624b81340e96d97561ff7580782e1eea425db9f64de1897dd60996fd3629d89e4de74b27540fafed1b2d185f3155e4e02102c8552f01325a1b7fcba0ee240
SSDEEP

3072:8mFOdg4frUznU1flGKIVHMsmw6GgV8XwjArdrS5elcRea8ggwj:8mFOdxfgzU9MrMFw6VV89dnc40

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56cfb848ea79d5f3e2d83e9b35d85455_JaffaCakes118

Files

56cfb848ea79d5f3e2d83e9b35d85455_JaffaCakes118
.exe windows:4 windows x86 arch:x86

818f412364f097a5b01932ff8e427ccc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtWaitForSingleObject
_wcsnicmp
RtlDeleteCriticalSection

version

VerInstallFileA

shlwapi

PathFileExistsA

oleaut32

SafeArrayPtrOfIndex

ole32

CLSIDFromString
CreateOleAdviseHolder
StringFromIID
CreateBindCtx
CoFreeUnusedLibraries
OleRun
MkParseDisplayName

user32

GetClassLongA
GetDCEx
EnumThreadWindows
GetWindowTextA
EndDeferWindowPos
GetKeyState
DispatchMessageA
GetParent
GetMessagePos
CreateMenu
CreatePopupMenu
MessageBoxA
SetWindowLongA
GetMenu
ShowWindow
GetMenuItemID
SystemParametersInfoA
GetActiveWindow
DrawFrameControl
GetKeyNameTextA
CallNextHookEx
IsChild
GetScrollRange
EnableWindow
EnableMenuItem
DrawMenuBar
CreateIcon
GetForegroundWindow
GetWindow
SetCursor
EqualRect
EnumChildWindows
SetWindowTextA
GetSysColorBrush
FrameRect
GetDlgItem
GetCursor
GetMenuItemInfoA
CharLowerA
GetClientRect
DefWindowProcA
GetSubMenu
BeginDeferWindowPos
GetFocus
CharToOemA
IsWindowVisible
GetMenuItemCount

shell32

SHGetFolderPathA

kernel32

RaiseException
CreateThread
GetProcessHeap
lstrcpyA
GlobalAddAtomA
FindFirstFileA
VirtualAlloc
SetThreadLocale
LoadLibraryA
LoadLibraryExA
FreeLibrary
WideCharToMultiByte
GetUserDefaultLCID
LocalAlloc
MoveFileExA
FreeResource
lstrcmpA
GetStdHandle
GetLocalTime
GetCurrentThreadId
MoveFileA
GetModuleHandleA
GetVersionExA
GetStartupInfoA
GetACP
VirtualFree
GlobalDeleteAtom
GetCurrentProcess
SetEndOfFile
SetEvent
LockResource
SetLastError
SetFilePointer
GetOEMCP
ExitThread
GetCurrentThread

gdi32

GetDIBColorTable
CreatePenIndirect
GetDCOrgEx
SetPixel
CreateDIBitmap
SaveDC
SetTextColor
CreateFontIndirectA
RestoreDC
CreateBitmap

msvcrt

clock
calloc
wcsncmp
swprintf
memcpy
srand
strlen
tolower
time
rand
memset
malloc
sqrt

advapi32

GetLengthSid
RegCreateKeyExA

comdlg32

GetSaveFileNameA
FindTextA
GetFileTitleA

comctl32

ImageList_Destroy
ImageList_Add
ImageList_Draw

Sections

CODE
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 4KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 512B - Virtual size: 205B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 155B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

818f412364f097a5b01932ff8e427ccc

Headers

File Characteristics

Imports

ntdll

version

shlwapi

oleaut32

ole32

user32

shell32

kernel32

gdi32

msvcrt

advapi32

comdlg32

comctl32

Sections

CODE Size: 33KB - Virtual size: 33KB

.idata Size: 121KB - Virtual size: 121KB

.init Size: 4KB - Virtual size: 72KB

INIT Size: 512B - Virtual size: 205B

.tls Size: 512B - Virtual size: 155B

CODE
Size: 33KB - Virtual size: 33KB

.idata
Size: 121KB - Virtual size: 121KB

.init
Size: 4KB - Virtual size: 72KB

INIT
Size: 512B - Virtual size: 205B

.tls
Size: 512B - Virtual size: 155B