f4be92f300d6814d2f3663d230174995_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f4be92f300d6814d2f3663d230174995_JaffaCakes118
Size

178KB
MD5

f4be92f300d6814d2f3663d230174995
SHA1

899265109bb92504cca4d1c182374ca5af1a96bc
SHA256

7aa2a954adb44588b683fe855a57a1012e3d6e2e360f4dd9769fb31b54fef63e
SHA512

fb0e095dbd0bf433346e921a275cd8eac15ad03c17fd9e5278d01941f6149117750240b92ddf9f1e71ff5f7f505babc69baeeb058531b842be86b71d2340b90b
SSDEEP

3072:VPUI+acAwH23Xpq+AWuX8ZsL5MK4cAzTXLkw7XC80iH/fVx05oAaf:VPUwpOL/WuX8CL5MK4cAzXjGiftx05o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4be92f300d6814d2f3663d230174995_JaffaCakes118

Files

f4be92f300d6814d2f3663d230174995_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2fb325d911ab3e54c9cfe059f6676b75

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgOpenStorageOnILockBytes
CoInitialize
CLSIDFromProgID
OleInitialize
CoRevokeClassObject
CoTaskMemFree
CoGetClassObject
CoUninitialize
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
CoRegisterMessageFilter
OleFlushClipboard
CoFreeUnusedLibraries
StgCreateDocfileOnILockBytes
CoTaskMemAlloc
OleUninitialize
CoCreateInstance
CLSIDFromString

kernel32

DeleteFileW
MoveFileW
GetVersion
GetCalendarInfoW
WideCharToMultiByte
MultiByteToWideChar
GetLocaleInfoW
FindClose
GetFileAttributesW
GetModuleFileNameW
GetThreadContext
LoadLibraryW
CreateDirectoryW
EnumResourceLanguagesW
CreateFileW
EnumResourceNamesA
SetFileTime
RemoveDirectoryW
LocalFileTimeToFileTime
GetCurrentProcessId
SystemTimeToFileTime
FindFirstFileW
SetFilePointer
ExitProcess
FindNextFileW
ConvertDefaultLocale
GetCurrentDirectoryW
GetSystemDefaultLangID
ReadFile
lstrcpyW
WriteFile
InterlockedDecrement
GetProcAddress

user32

WinHelpW
RegisterWindowMessageW
SendDlgItemMessageA
GetClassInfoExW
GetNextDlgGroupItem
SetPropW
InvalidateRgn
CharUpperW
GetNextDlgTabItem
InvalidateRect
CreateWindowExW
MessageBeep
CopyAcceleratorTableW
CharNextW
GetClassLongW
GetPropW
SetRect
RemovePropW
IsRectEmpty
DestroyMenu

advapi32

RegQueryValueW
RegSetValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegOpenKeyExW
RegEnumKeyExW
RegEnumKeyW
RegCreateKeyExW
RegOpenKeyW
RegCloseKey
RegQueryValueExW

gdi32

SetViewportOrgEx
PtVisible
OffsetViewportOrgEx
ExtSelectClipRgn
SelectObject
GetBkColor
SetWindowExtEx
RectVisible
GetDeviceCaps
TextOutW
DeleteDC
ScaleViewportExtEx
GetStockObject
ExtTextOutW
GetTextColor
ScaleWindowExtEx
GetMapMode
Escape
GetRgnBox

shlwapi

PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
PathAppendW

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2fb325d911ab3e54c9cfe059f6676b75

Headers

File Characteristics

Imports

ole32

kernel32

user32

advapi32

gdi32

shlwapi

oleacc

shell32

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 75KB - Virtual size: 74KB

.edata Size: 1024B - Virtual size: 244KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 75KB - Virtual size: 74KB

.edata
Size: 1024B - Virtual size: 244KB