e857d3609b90c26679db81527f127bf0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e857d3609b90c26679db81527f127bf0_JaffaCakes118
Size

99KB
MD5

e857d3609b90c26679db81527f127bf0
SHA1

e79c86e31584202003ae34893f023c2bb15a500c
SHA256

f940db15b2586d4fa80e0d1ce1c70fe4b8ec898320c938a90f4312d3043c6676
SHA512

86da8753ced2337a6e9f64b833dabe7155b191d0751addebedc01c9e7d9f387faf63243b02f4f271980275414cee189c4795fb01bb082878e84e4f22cf740526
SSDEEP

1536:t1+trxEalJM4PdLs9Q0SszsBOC1owid0Swfna4MLkrCEmPqhcel/EAfe0:T8ealhPdLs9QioHpfn6Aoe5Eke0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e857d3609b90c26679db81527f127bf0_JaffaCakes118

Files

e857d3609b90c26679db81527f127bf0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ede931cec0aa918a36c7d68b17df8628

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcatA
GlobalHandle
GetTempFileNameA
GetLocalTime
CopyFileA
VirtualProtect
IsBadReadPtr
FormatMessageA
GetModuleHandleA
GetACP
GetStartupInfoA

user32

IsWindow
LoadCursorA
SetMenu
GetSysColor
DrawIconEx
InsertMenuItemA
DrawMenuBar
RegisterClassA
SetWindowPlacement
PostQuitMessage
DrawTextA

msvcrt

_adjust_fdiv
localtime
_dup2
__set_app_type
exit
_except_handler3
__setusermatherr
_kbhit
__p__fmode
_strlwr
_initterm
__p__commode
sqrt
_acmdln
_XcptFilter
isspace
__getmainargs

oleaut32

SysReAllocStringLen
VariantCopy
VariantCopyInd
SafeArrayRedim
SysStringLen
SafeArrayGetElement
VariantClear
GetErrorInfo

advapi32

RegEnumValueW
RegDeleteKeyW
LookupPrivilegeValueA
CryptHashData
RegOpenKeyW
InitializeAcl
RegEnumKeyExA
RegQueryValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
GetTokenInformation
CloseServiceHandle

comctl32

CreatePropertySheetPageA
ImageList_LoadImageW
ImageList_Write
ImageList_Create
ImageList_EndDrag
ImageList_Remove
ImageList_DragEnter
ImageList_Read
CreatePropertySheetPageW
ImageList_ReplaceIcon
ImageList_DragLeave
PropertySheetW

shell32

SHGetFolderLocation
SHBrowseForFolderW
SHGetDiskFreeSpaceExW
SHAppBarMessage
Shell_NotifyIconA
SHGetFolderPathA
Shell_NotifyIconW
ShellExecuteA
DragQueryFileW
ExtractIconA
SHGetDesktopFolder

ole32

GetRunningObjectTable
CoDisconnectObject
CoInitializeEx
OleSetClipboard
CreateStreamOnHGlobal
CoSetProxyBlanket
CoCreateGuid
OleDraw
OleInitialize
StringFromCLSID
CoCreateInstance

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ede931cec0aa918a36c7d68b17df8628

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

oleaut32

advapi32

comctl32

shell32

ole32

Sections

.text Size: 69KB - Virtual size: 68KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 69KB - Virtual size: 68KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 25KB - Virtual size: 25KB