Static task
static1
Behavioral task
behavioral1
Sample
fee9c1df1e2974d467dbfbb261e80f01_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
fee9c1df1e2974d467dbfbb261e80f01_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
Target
fee9c1df1e2974d467dbfbb261e80f01_JaffaCakes118
Size
83KB
MD5
fee9c1df1e2974d467dbfbb261e80f01
SHA1
60df84a5a527394e2b59f5e7fe818787dbb9d3be
SHA256
f0c633e3b44b04e90c63b3904e1145021633d1e8a83f18e712aa2f28cff9481c
SHA512
05d42c7c07fa1b23e498a2c6cb1b519fc5f8b2109c21bb3110d4627bd8e92496b7040e5ed6fafe092ac7dda901d9c6ca14b3a2c770e2d33890f983fa4774227a
SSDEEP
1536:1hbsFa3Vr6xGbbaZS8/WH1rIKps8ZcMHvpBtgXt418nHk:Pb3BSG2/WH1rBs8ZcMHvFwt4SnE
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: fee9c1df1e2974d467dbfbb261e80f01_JaffaCakes118
Files
fee9c1df1e2974d467dbfbb261e80f01_JaffaCakes118.exe windows:5 windows x86 arch:x86
52db4c1c3be106f2899c54762acc1c8e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
GetSysColorBrush
SetWindowPos
EnumWindows
GetScrollPos
EnableMenuItem
UnhookWindowsHookEx
GetMessageA
FrameRect
GetSysColor
EqualRect
SetWindowTextA
GetSubMenu
PostQuitMessage
kernel32
FileTimeToSystemTime
ExitProcess
InterlockedExchange
GetACP
SetUnhandledExceptionFilter
VirtualAllocEx
GetFileAttributesA
GetOEMCP
GetThreadLocale
GetCurrentProcessId
RtlUnwind
GetTimeZoneInformation
GetStartupInfoA
GetTempPathA
GetSystemTime
QueryPerformanceCounter
gdi32
DPtoLP
ExcludeClipRect
FillRgn
CopyEnhMetaFileA
CreateCompatibleBitmap
SelectClipPath
CreateICW
GetMapMode
SetViewportExtEx
ole32
StgOpenStorage
CoInitializeSecurity
CoCreateInstance
DoDragDrop
CoRevokeClassObject
CoTaskMemRealloc
StringFromGUID2
OleRun
CoInitialize
advapi32
FreeSid
AdjustTokenPrivileges
GetSecurityDescriptorDacl
CheckTokenMembership
RegCreateKeyA
QueryServiceStatus
RegQueryValueExW
CryptHashData
RegCreateKeyExW
GetUserNameA
msvcrt
_mbscmp
__getmainargs
_fdopen
strncpy
puts
_CIpow
raise
fflush
_lock
__setusermatherr
strlen
signal
_strdup
_flsbuf
strcspn
fprintf
__initenv
iswspace
comctl32
ImageList_GetBkColor
ImageList_GetIcon
ImageList_LoadImageA
ImageList_ReplaceIcon
ImageList_SetIconSize
ImageList_LoadImageW
ImageList_GetIconSize
InitCommonControls
ImageList_Write
ImageList_Destroy
ImageList_DrawEx
CreatePropertySheetPageA
ImageList_DragEnter
shell32
ShellExecuteW
DragQueryFileW
DragQueryFileA
ExtractIconExW
DoEnvironmentSubstW
ShellExecuteEx
DragAcceptFiles
SHBrowseForFolderA
ExtractIconW
SHGetPathFromIDList
CommandLineToArgvW
oleaut32
VariantCopy
SysReAllocStringLen
SafeArrayPtrOfIndex
SafeArrayRedim
SafeArrayPutElement
SafeArrayGetUBound
SafeArrayCreate
SafeArrayUnaccessData
Sections
.text Size: 35KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE