fae1c8b620dc64415227f36408a83c57_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fae1c8b620dc64415227f36408a83c57_JaffaCakes118
Size

184KB
MD5

fae1c8b620dc64415227f36408a83c57
SHA1

7bbcdb378d141a1f7af1da63369b0e7aad8e5235
SHA256

b15360d4a76354cbc0dcec4fc03f527f734a16ab923f874c5e5b7f633cb5e805
SHA512

95dc345b29dbc1b7a53cf54295442c55337bc13a0b07fdaac825e31a9088a97c15e6603db539c7d53b0d8fe05b999fe94d6932c3949d13d0eb16dbfa347548c6
SSDEEP

3072:b4ebMAvdJrQGuLIn2s8m2HF8LqCHfXeKHxbBgYJiH0yCKuv8Lc+5:8AvTrTaJs8m2HunXnRNBJiH0yC5s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fae1c8b620dc64415227f36408a83c57_JaffaCakes118

Files

fae1c8b620dc64415227f36408a83c57_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a31e4c52fb2845eea01d65e3fc088240

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegDeleteKeyW
RegQueryValueW
RegOpenKeyW
RegCloseKey
RegQueryValueExW

shlwapi

PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
PathFileExistsW
PathAppendW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

InvalidateRgn
GetNextDlgGroupItem
GetClassInfoExW
CreateWindowExW
WinHelpW
RemovePropW
CharNextW
SendDlgItemMessageA
IsRectEmpty
GetNextDlgTabItem
CopyAcceleratorTableW
CharUpperW
SetPropW
GetClassLongW
InvalidateRect
RegisterWindowMessageW
MessageBeep
GetPropW
SetRect
DestroyMenu

gdi32

DeleteDC
GetMapMode
ScaleWindowExtEx
Escape
GetStockObject
ExtSelectClipRgn
SetWindowExtEx
SetViewportOrgEx
GetBkColor
RectVisible
PtVisible
ScaleViewportExtEx
GetDeviceCaps
TextOutW
ExtTextOutW
SelectObject
GetTextColor
OffsetViewportOrgEx
GetRgnBox

kernel32

FindClose
CreateDirectoryW
GetLocaleInfoW
GetCalendarInfoW
SetFilePointer
FindFirstFileW
GetCurrentDirectoryW
WriteFile
GetVersion
GetSystemDefaultLangID
LoadLibraryW
GetModuleFileNameW
SetFileTime
FindNextFileW
EnumResourceLanguagesW
DeleteFileW
CreateFileW
LocalFileTimeToFileTime
EnumResourceNamesA
RemoveDirectoryW
MoveFileW
GetCurrentProcessId
ExitProcess
InterlockedDecrement
ConvertDefaultLocale
GetFileAttributesW
lstrcpyW
MultiByteToWideChar
SystemTimeToFileTime
WideCharToMultiByte
ReadFile
GetProcAddress

ole32

StgOpenStorageOnILockBytes
CoTaskMemAlloc
OleFlushClipboard
StgCreateDocfileOnILockBytes
CLSIDFromProgID
CoRetireServer
CoRegisterMessageFilter
CoFreeUnusedLibraries
CoCreateInstance
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleInitialize
CoInitialize
CoUninitialize
OleIsCurrentClipboard
OleUninitialize
CoTaskMemFree
CoGetClassObject
CLSIDFromString

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a31e4c52fb2845eea01d65e3fc088240

Headers

File Characteristics

Imports

advapi32

shlwapi

oleacc

user32

gdi32

kernel32

ole32

shell32

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 76KB - Virtual size: 75KB

.edata Size: 1024B - Virtual size: 244KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 76KB - Virtual size: 75KB

.edata
Size: 1024B - Virtual size: 244KB