00544959a3f956637e06ec185292e240_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

00544959a3f956637e06ec185292e240_JaffaCakes118
Size

155KB
MD5

00544959a3f956637e06ec185292e240
SHA1

a218a7a1078fb2ae7f2b9739912b5e086702dc60
SHA256

23bc04c0b6c60416dd414293481df82142b1a9fa0490ed8d44be6e719a88861a
SHA512

37c00ec53db38d272671c48c514cfe6bc266b276a594e472a12e74a88b53ffc13f67ecda0b973327cd3375fda2fec1e5b5b7aa12066b8efee780905104ec8ef6
SSDEEP

3072:F+g8iepFgUumcS25SwthbWadpSOkcqrdD82z5NtFwjg:qxPBwnppSOkcqrx33wj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00544959a3f956637e06ec185292e240_JaffaCakes118

Files

00544959a3f956637e06ec185292e240_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2f79ad0a6cc3fc459bee112d1703f30e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

OutputDebugStringA
GetDriveTypeA
GetStartupInfoA
FormatMessageA
FreeEnvironmentStringsA
GetVersionExW
UnhandledExceptionFilter
GetOEMCP
GetModuleHandleA
VirtualProtect
GetSystemInfo
SetFileAttributesA
GetLocalTime
GetFileAttributesW

msvcrt

__p__fmode
log
_initterm
__getmainargs
__p__commode
_adjust_fdiv
_except_handler3
__set_app_type
_XcptFilter
putchar
_open_osfhandle
_acmdln
__setusermatherr
exit

user32

GetIconInfo
RegisterClipboardFormatA
GetTopWindow
SetWindowTextA
SetWindowsHookExA
SetPropA
GetDlgItem
GetCursorPos
LoadStringA
DefWindowProcA
SendDlgItemMessageA
GetActiveWindow
ShowOwnedPopups
DestroyIcon

comctl32

ImageList_BeginDrag
ImageList_SetOverlayImage
DestroyPropertySheetPage
ImageList_DragShowNolock
CreatePropertySheetPageW
ImageList_Add
ImageList_SetDragCursorImage
ImageList_LoadImageA
ImageList_SetBkColor

oleaut32

VariantInit
SysReAllocStringLen
CreateErrorInfo
SafeArrayUnaccessData
SafeArrayGetUBound
SysAllocStringLen
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SafeArrayGetElement

advapi32

RegCreateKeyA
CryptAcquireContextA
RegOpenKeyA
LookupPrivilegeValueA
RegEnumKeyExW
RegEnumKeyW
SetSecurityDescriptorOwner
CryptReleaseContext
RegFlushKey
RegQueryValueA
CloseServiceHandle

version

VerInstallFileW
VerInstallFileA
GetFileVersionInfoA

ole32

CoRegisterClassObject
OleIsCurrentClipboard
CLSIDFromProgID
OleSetMenuDescriptor
CoInitialize
CreateBindCtx
IIDFromString
DoDragDrop
CoRegisterMessageFilter
IsAccelerator
PropVariantClear
RevokeDragDrop
CoUninitialize

shell32

SHCreateDirectoryExW
SHBindToParent
DoEnvironmentSubstW
SHGetFolderPathA
SHChangeNotify

gdi32

GetTextMetricsA
EnumMetaFile
SetAbortProc
PlayMetaFile
SetWinMetaFileBits
FillRgn

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2f79ad0a6cc3fc459bee112d1703f30e

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

comctl32

oleaut32

advapi32

version

ole32

shell32

gdi32

Sections

.text Size: 63KB - Virtual size: 63KB

.data Size: 49KB - Virtual size: 48KB

.rsrc Size: 42KB - Virtual size: 44KB

.text
Size: 63KB - Virtual size: 63KB

.data
Size: 49KB - Virtual size: 48KB

.rsrc
Size: 42KB - Virtual size: 44KB