570f1ea2ac8d9c42d9eeaeb268614e15_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

570f1ea2ac8d9c42d9eeaeb268614e15_JaffaCakes118
Size

172KB
MD5

570f1ea2ac8d9c42d9eeaeb268614e15
SHA1

457a00b68962526498d3440c17a5aefc62a37da9
SHA256

c9c16177a6abafc583df90885bfffaf4610cc8ff3809c4b6af825f64083e36d7
SHA512

a28d4495f8b59dabc576786f8b67f2bb79d163e9498328efe60b095ec60133a2d966755d9c1b530389dae84e8f9b931e5ee6e084394144e4b2f5fcb011fe1012
SSDEEP

3072:TDg4E4pzrfAtNhNXKAq/yaFRc+jbsFHHHAv5RRQ6unfUPlL6e+:3EqzrCNzd0Pvj2HMReiGe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
570f1ea2ac8d9c42d9eeaeb268614e15_JaffaCakes118

Files

570f1ea2ac8d9c42d9eeaeb268614e15_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eeba27856779defc522a2059e6d80119

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
FormatMessageA
WaitForSingleObject
FreeResource
HeapFree
GetCurrentThreadId
FreeLibrary
FindClose
CreateEventA
GetFileSize
LocalAlloc
GetModuleHandleA
LocalReAlloc
SetLastError
GetVersionExA
ReadFile
GetLastError
SetHandleCount
lstrcpynA
lstrlenA
lstrcatA
GetStartupInfoA
LoadLibraryA
MoveFileExA
LoadResource
CreateFileA
GetThreadLocale
SetEndOfFile
DeleteCriticalSection
VirtualFree
GlobalDeleteAtom
MulDiv
SetEvent
LoadLibraryExA
HeapAlloc
lstrcmpA
GetCurrentThread
GetCurrentProcessId
ExitThread
GetACP
GetStringTypeA
InitializeCriticalSection
SetFilePointer
MoveFileA
GetProcAddress
VirtualQuery
GetFileAttributesA
GetFileType
DeleteFileA
GetModuleFileNameA
GetOEMCP
lstrcpyA
WideCharToMultiByte
VirtualAlloc
ExitProcess
VirtualAllocEx

gdi32

GetDCOrgEx
CreatePenIndirect
SelectObject
GetPixel

shlwapi

SHStrDupA

user32

GetClientRect
GetKeyNameTextA
IsWindowEnabled
GetSysColorBrush
GetWindow
DrawTextA
CharToOemA
EndPaint
GetClassInfoA
GetDlgItem
GetParent
CallNextHookEx
IsChild
DrawIconEx
GetPropA
HideCaret
FillRect
CreatePopupMenu
GetCapture
CharNextA
TrackPopupMenu
GetWindowTextA
DrawIcon
BeginPaint
GetMessagePos
GetMenuItemInfoA
GetKeyState
GetCursorPos
GetScrollInfo
GetClassLongA
RegisterClassA
EndDeferWindowPos
GetMenuState
FrameRect
SetCursor
GetSysColor
IsDialogMessageA
GetCursor
GetDCEx
GetMenuItemCount
MessageBoxA
GetSubMenu
ShowScrollBar
EnumWindows
GetMenu
DeferWindowPos
ClientToScreen

advapi32

RegQueryValueExA
GetUserNameA
RegEnumValueA

shell32

SHGetFileInfoA
DragQueryFileA
SHGetDesktopFolder

version

VerQueryValueA
VerFindFileA
VerInstallFileA

comdlg32

FindTextA

oleaut32

VariantChangeType
SafeArrayCreate
SafeArrayPtrOfIndex
SysStringLen

ole32

CoFreeUnusedLibraries
WriteClassStm
CoTaskMemFree
CoGetObjectContext
CoCreateInstanceEx
StringFromIID
CoCreateFreeThreadedMarshaler
CoUninitialize
MkParseDisplayName
CreateBindCtx

ntdll

atoi

comctl32

ImageList_Read
ImageList_GetBkColor
ImageList_Destroy
ImageList_DrawEx

msvcrt

srand
wcstol
clock
time
strlen
_acmdln
sqrt
calloc
malloc
memcpy

Sections

.CODE
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 502B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eeba27856779defc522a2059e6d80119

Headers

File Characteristics

Imports

kernel32

gdi32

shlwapi

user32

advapi32

shell32

version

comdlg32

oleaut32

ole32

ntdll

comctl32

msvcrt

Sections

.CODE Size: 46KB - Virtual size: 46KB

.idata Size: 117KB - Virtual size: 117KB

.data Size: 5KB - Virtual size: 5KB

.rdata Size: 512B - Virtual size: 44KB

.bss Size: 512B - Virtual size: 502B

.CODE
Size: 46KB - Virtual size: 46KB

.idata
Size: 117KB - Virtual size: 117KB

.data
Size: 5KB - Virtual size: 5KB

.rdata
Size: 512B - Virtual size: 44KB

.bss
Size: 512B - Virtual size: 502B