64098d12d51b8497c20a62c35db8751f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

64098d12d51b8497c20a62c35db8751f_JaffaCakes118
Size

1017KB
MD5

64098d12d51b8497c20a62c35db8751f
SHA1

5b8873a5aaf5c768b0739792a99d983661aef9a8
SHA256

6816b543af496282a80a80c7ce0e21b8231d339676261dfa98fd4a689e2945b7
SHA512

be352b833698252b081610c982c1b16e90da37c6f7f37ee2906fbeb257d10df679ea6f66abc904ae1735b27e2a103ef6e284f25470623617c1ca979d4765bb17
SSDEEP

24576:sg6a47iNNTzEGj7sNW0FVoSU45RyNCsEkNrV0k7:6qEQYv1N0Rf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64098d12d51b8497c20a62c35db8751f_JaffaCakes118

Files

64098d12d51b8497c20a62c35db8751f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

63bffd942cbbb17d7f3db2113a4297d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

secur32

QuerySecurityPackageInfoW
DeleteSecurityContext

comdlg32

PrintDlgExW
ChooseColorW
GetOpenFileNameW

comctl32

ImageList_SetOverlayImage
InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_SetScrollInfo
FlatSB_GetScrollInfo
_TrackMouseEvent
CreateStatusWindowW
DestroyPropertySheetPage
PropertySheetW
ord17
InitCommonControlsEx
ImageList_Destroy
ImageList_GetImageCount
ImageList_SetImageCount
ImageList_Add
ImageList_SetBkColor
ImageList_Draw
ImageList_DrawIndirect
ImageList_GetIcon
ImageList_EndDrag
ImageList_DragShowNolock
ImageList_GetDragImage
ImageList_Read
ImageList_GetIconSize
ImageList_SetIconSize

kernel32

FreeEnvironmentStringsA
GetProcAddress
GlobalFree
LocalFree
VirtualAlloc
GetEnvironmentStringsW
GetCurrentThreadId
GetLastError
DeleteCriticalSection
GetFileSize
WriteFile
FindClose
MulDiv
GetSystemTime
FormatMessageW
lstrcmpiW
LoadLibraryW
GetModuleFileNameW
GetStartupInfoW
ExpandEnvironmentStringsW
CreateDirectoryW
DeleteFileW
FindFirstFileW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
SetHandleCount
GetStdHandle
GetFileType
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

psapi

GetModuleBaseNameW

shlwapi

AssocCreate
SHSetValueW
StrFormatByteSizeW
StrRetToStrW
PathAddBackslashW
PathIsUNCW
PathRemoveExtensionW
PathStripToRootW
UrlEscapeW
PathCreateFromUrlW
SHDeleteValueW

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 585KB - Virtual size: 7.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tgsf
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.elaw3e
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63bffd942cbbb17d7f3db2113a4297d4

Headers

File Characteristics

Imports

secur32

comdlg32

comctl32

kernel32

psapi

shlwapi

Sections

.text Size: 65KB - Virtual size: 65KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 585KB - Virtual size: 7.1MB

.tgsf Size: 150KB - Virtual size: 150KB

.elaw3e Size: 103KB - Virtual size: 103KB

.rsrc Size: 106KB - Virtual size: 106KB

.text
Size: 65KB - Virtual size: 65KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 585KB - Virtual size: 7.1MB

.tgsf
Size: 150KB - Virtual size: 150KB

.elaw3e
Size: 103KB - Virtual size: 103KB

.rsrc
Size: 106KB - Virtual size: 106KB