f78ed17c271f6ee6ec860dfddebfa271_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f78ed17c271f6ee6ec860dfddebfa271_JaffaCakes118
Size

173KB
MD5

f78ed17c271f6ee6ec860dfddebfa271
SHA1

00ac754e90a92ba8dfd76e8ec4baed8024bb84d9
SHA256

be4f5e46090f5b1777e0ef23518d9e21c139bfcd4ef8f0b603658e86e6431688
SHA512

40889b5d960c30f053f7e9de876179e3e813a4245f1f93f163f360eb101d3be15f811a41c81b4ebd96ddfd30432784fc3f535b2dc394faa4a9ed9ef8af71d6f3
SSDEEP

3072:/CWWFMG4eW321crUVro+yCJdVSNJXA5pjX/sk6e2qZdyTQ34:TWvl12dCJdVSX8pjX/zLI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f78ed17c271f6ee6ec860dfddebfa271_JaffaCakes118

Files

f78ed17c271f6ee6ec860dfddebfa271_JaffaCakes118
.exe windows:4 windows x86 arch:x86

555a2cf033059621fccd272146b76291

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CopyAcceleratorTableW
SetRect
SetPropW
RemovePropW
SendDlgItemMessageA
CreateWindowExW
GetClassLongW
GetClassInfoExW
CharUpperW
GetPropW
InvalidateRgn
RegisterWindowMessageW
GetNextDlgTabItem
InvalidateRect
MessageBeep
WinHelpW
CharNextW
IsRectEmpty
GetNextDlgGroupItem
DestroyMenu

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

gdi32

TextOutW
ExtSelectClipRgn
SetViewportOrgEx
SetWindowExtEx
ExtTextOutW
GetTextColor
SelectObject
PtVisible
DeleteDC
Escape
GetMapMode
ScaleWindowExtEx
GetDeviceCaps
GetBkColor
RectVisible
GetStockObject
ScaleViewportExtEx
OffsetViewportOrgEx
GetRgnBox

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

OleIsCurrentClipboard
StgOpenStorageOnILockBytes
CoTaskMemFree
CoGetClassObject
CoInitialize
OleFlushClipboard
CoRetireServer
CLSIDFromProgID
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoCreateInstance
OleUninitialize
OleInitialize
CoUninitialize
CoTaskMemAlloc
CoFreeUnusedLibraries
CoRegisterMessageFilter
CLSIDFromString

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyExW
RegQueryValueW
RegCloseKey
RegEnumKeyW
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW

shlwapi

PathFindExtensionW
PathStripToRootW
PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsW
PathIsUNCW
PathAppendW

kernel32

GetCalendarInfoW
MultiByteToWideChar
WriteFile
GetLocaleInfoW
GetCurrentProcessId
CreateFileW
FindNextFileW
EnumResourceLanguagesW
MoveFileW
GetSystemDefaultLangID
GetFileAttributesW
lstrcpyW
InterlockedDecrement
RemoveDirectoryW
EnumResourceNamesA
GetCurrentDirectoryW
SetFilePointer
FindClose
SystemTimeToFileTime
FindFirstFileW
ExitProcess
GetVersion
DeleteFileW
LoadLibraryW
SetFileTime
GetModuleFileNameW
LocalFileTimeToFileTime
CreateDirectoryW
ConvertDefaultLocale
ReadFile
WideCharToMultiByte
GetProcAddress

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

555a2cf033059621fccd272146b76291

Headers

File Characteristics

Imports

user32

shell32

gdi32

oleacc

ole32

advapi32

shlwapi

kernel32

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 71KB - Virtual size: 70KB

.edata Size: 1024B - Virtual size: 96KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 71KB - Virtual size: 70KB

.edata
Size: 1024B - Virtual size: 96KB