e5bcc725cebd594328e1049bcc1d6fe1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e5bcc725cebd594328e1049bcc1d6fe1_JaffaCakes118
Size

179KB
MD5

e5bcc725cebd594328e1049bcc1d6fe1
SHA1

093da4911e69ca81744503bbba0092a0bc73ded1
SHA256

e507e9820b305b1e436d0c38b69aeea1eba957cc9ae3011d73c4e48f0a26f10c
SHA512

03d9e57b60d0a105ea92ea5095c0f6ca54e4bd630ffd7505286fcc70bd2451472db0bf81499192b6b2cf6658bf7c118a869075ecabbd4cc726e578299553d92e
SSDEEP

3072:TF4Ea2JArl3Vw5QUPYLqgoaWcPeaI0ckUTSJu31Hr7Yq:eEaaB5QjLqfaW+20ck2goHrMq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e5bcc725cebd594328e1049bcc1d6fe1_JaffaCakes118

Files

e5bcc725cebd594328e1049bcc1d6fe1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e042f6e81ef18432a1c25a5ecbdbc506

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterWindowMessageW
CharNextW
SetPropW
GetNextDlgGroupItem
MessageBeep
CharUpperW
RemovePropW
CopyAcceleratorTableW
GetClassInfoExW
WinHelpW
GetNextDlgTabItem
GetPropW
SendDlgItemMessageA
IsRectEmpty
GetClassLongW
InvalidateRgn
CreateWindowExW
InvalidateRect
SetRect
DestroyMenu

ole32

CoInitialize
StgCreateDocfileOnILockBytes
CoRevokeClassObject
CoTaskMemAlloc
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
CoUninitialize
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoGetClassObject
CLSIDFromProgID
CoRegisterMessageFilter
CoTaskMemFree
CoCreateInstance
OleFlushClipboard
StgOpenStorageOnILockBytes
CLSIDFromString

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

ExtTextOutW
GetDeviceCaps
PtVisible
GetStockObject
SetViewportOrgEx
ScaleWindowExtEx
OffsetViewportOrgEx
GetBkColor
ScaleViewportExtEx
RectVisible
TextOutW
GetMapMode
SetWindowExtEx
ExtSelectClipRgn
Escape
SelectObject
DeleteDC
GetTextColor
GetRgnBox

shlwapi

PathStripToRootW
PathFindExtensionW
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathAppendW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

advapi32

RegEnumKeyExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyW
RegDeleteKeyW
RegSetValueExW
RegQueryValueW
RegQueryInfoKeyW
RegEnumKeyW
RegOpenKeyExW
RegQueryValueExW

kernel32

DeleteFileW
MultiByteToWideChar
GetCurrentProcessId
GetCalendarInfoW
SystemTimeToFileTime
lstrcpyW
GetModuleFileNameW
LoadLibraryW
ReadFile
FindClose
GetSystemDefaultLangID
ConvertDefaultLocale
GetThreadContext
GetFileAttributesW
GetLocaleInfoW
EnumResourceNamesA
FindNextFileW
GetCurrentDirectoryW
LocalFileTimeToFileTime
InterlockedDecrement
SetFilePointer
WideCharToMultiByte
ExitProcess
SetFileTime
EnumResourceLanguagesW
MoveFileW
FindFirstFileW
CreateDirectoryW
RemoveDirectoryW
WriteFile
CreateFileW
GetVersion
GetProcAddress

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e042f6e81ef18432a1c25a5ecbdbc506

Headers

File Characteristics

Imports

user32

ole32

oleacc

gdi32

shlwapi

shell32

advapi32

kernel32

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 71KB - Virtual size: 71KB

.edata Size: 1024B - Virtual size: 248KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 71KB - Virtual size: 71KB

.edata
Size: 1024B - Virtual size: 248KB