d2ca6453a391b7d8eb00d63e274ea843_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d2ca6453a391b7d8eb00d63e274ea843_JaffaCakes118
Size

172KB
MD5

d2ca6453a391b7d8eb00d63e274ea843
SHA1

14e107604480aeca6d669304cd08b65424a7247a
SHA256

e6fe59b6a7ad957d5b8a67ae641a0008a6764c486f414a07860f738afb014f3d
SHA512

c7908d6e481ddda83074fd391baf3f721fb3e3db75f7b6fcb2c49c592d749d7f9e5e7d018f6684957ab5d6e398716d16170059d0eebf70708de5ad3bb6846c55
SSDEEP

3072:jq2M5+r3HZODwPm33bKAi5z5U8BRyCkfMTJAVw3zNB1/F3e/K0ih34:+2M5sOSu2JKCyW1/FeS0ihI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2ca6453a391b7d8eb00d63e274ea843_JaffaCakes118

Files

d2ca6453a391b7d8eb00d63e274ea843_JaffaCakes118
.exe windows:4 windows x86 arch:x86

302914f12abf060c0532a35621a25cda

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
CreateDirectoryW
GetCurrentProcessId
GetCalendarInfoW
GetVersion
WriteFile
FindClose
GetThreadContext
ConvertDefaultLocale
FindFirstFileW
MultiByteToWideChar
GetLocaleInfoW
LocalFileTimeToFileTime
LoadLibraryW
CreateFileW
ReadFile
MoveFileW
GetCurrentDirectoryW
EnumResourceNamesA
WideCharToMultiByte
GetModuleFileNameW
SetFileTime
RemoveDirectoryW
SystemTimeToFileTime
ExitProcess
GetFileAttributesW
lstrcpyW
DeleteFileW
EnumResourceLanguagesW
InterlockedDecrement
FindNextFileW
SetFilePointer
GetProcAddress

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

gdi32

PtVisible
DeleteDC
OffsetViewportOrgEx
TextOutW
GetDeviceCaps
SetViewportOrgEx
GetBkColor
GetStockObject
SetWindowExtEx
ScaleViewportExtEx
GetMapMode
ScaleWindowExtEx
ExtTextOutW
RectVisible
GetTextColor
SelectObject
ExtSelectClipRgn
Escape
GetRgnBox

advapi32

RegQueryInfoKeyW
RegQueryValueW
RegEnumKeyW
RegEnumKeyExW
RegSetValueExW
RegCloseKey
RegOpenKeyW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW

user32

GetNextDlgTabItem
GetClassInfoExW
GetClassLongW
RemovePropW
MessageBeep
SendDlgItemMessageA
IsRectEmpty
InvalidateRect
SetPropW
CharUpperW
SetRect
RegisterWindowMessageW
InvalidateRgn
GetNextDlgGroupItem
CreateWindowExW
CharNextW
CopyAcceleratorTableW
WinHelpW
GetPropW
DestroyMenu

ole32

StgCreateDocfileOnILockBytes
CoCreateInstance
CLSIDFromProgID
CoTaskMemFree
OleFlushClipboard
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
OleInitialize
CoRegisterMessageFilter
OleUninitialize
CoFreeUnusedLibraries
CoInitialize
CoTaskMemAlloc
CoUninitialize
CLSIDFromString

shlwapi

PathRemoveFileSpecW
PathFindExtensionW
PathIsUNCW
PathFileExistsW
PathStripToRootW
PathFindFileNameW
PathAppendW

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

302914f12abf060c0532a35621a25cda

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

advapi32

user32

ole32

shlwapi

oleacc

Sections

.text Size: 99KB - Virtual size: 98KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 67KB - Virtual size: 67KB

.edata Size: 1024B - Virtual size: 96KB

.text
Size: 99KB - Virtual size: 98KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 67KB - Virtual size: 67KB

.edata
Size: 1024B - Virtual size: 96KB