01fbed5cd5a4acef3ec6c49cf33951f0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

01fbed5cd5a4acef3ec6c49cf33951f0_JaffaCakes118
Size

143KB
MD5

01fbed5cd5a4acef3ec6c49cf33951f0
SHA1

d41611ad88b9cbb19b20a7500ec0b2d02e202369
SHA256

dd1d37a363727f0c4205897b6d216b7a523ef0b044d5234ee48439649bb54355
SHA512

40ca9b1642b7ee01f86fb4e236ffb77f98dab4d3f76715b02642f05716cd5d56f76ac75ba432131fdd74aa195c3f347bf2e9b8c71cd5ce22d00ff47a160c35e5
SSDEEP

3072:IEdVvb6g7gpq49iWK5weuCUv9T0sbFbPuUTV7HyN2yh5zB:zNbWK5jpq9TzbFXx7Q2yh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01fbed5cd5a4acef3ec6c49cf33951f0_JaffaCakes118

Files

01fbed5cd5a4acef3ec6c49cf33951f0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

84e3dc8a30e853eafe8bcf14d88ae827

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_XcptFilter
_except_handler3
_controlfp
__getmainargs
log10
__set_app_type
__p__fmode
__setusermatherr
_adjust_fdiv
_initterm
_CIsqrt
log
__p__commode
srand
_acmdln
_amsg_exit
exit

kernel32

DeviceIoControl
GetFileAttributesA
lstrcatA
RaiseException
DisableThreadLibraryCalls
GetEnvironmentStringsW
VirtualProtect
GetLocaleInfoA
MultiByteToWideChar
LCMapStringA
FreeEnvironmentStringsA
GetModuleHandleA
lstrcmpiA
SetUnhandledExceptionFilter
GetStartupInfoA
GetFileAttributesW
GetCommandLineW

oleaut32

LoadTypeLib
SafeArrayGetElement
SafeArrayCreate
SafeArrayPtrOfIndex
VariantInit

gdi32

CreateDIBPatternBrushPt
StartPage
GetObjectW
GetMetaFileBitsEx
Arc
SetDIBitsToDevice
GetViewportExtEx
RealizePalette
GetTextExtentExPointW
EnumEnhMetaFile
StretchBlt
CreateFontW
ExtEscape
SetViewportOrgEx
AddFontResourceA

shell32

ExtractAssociatedIconW
SHBindToParent
SHGetSpecialFolderPathA
ExtractIconExA
FindExecutableW
Shell_NotifyIconW
ShellExecuteA
ExtractIconA

advapi32

OpenSCManagerA
RegEnumValueA
RegEnumValueW
CheckTokenMembership
RegDeleteValueW
QueryServiceStatus
AdjustTokenPrivileges
RegEnumKeyW
RegEnumKeyExA
RegDeleteKeyW
CryptReleaseContext

version

GetFileVersionInfoSizeA
VerLanguageNameA
VerFindFileW
GetFileVersionInfoA
VerQueryValueW
VerInstallFileA
VerQueryValueA

ole32

OleIsCurrentClipboard
OleSetMenuDescriptor
IsAccelerator
StgOpenStorage
IsEqualGUID
OleSetClipboard
CoRevokeClassObject
StringFromGUID2

comctl32

ImageList_SetBkColor
ImageList_DragShowNolock
ImageList_DragLeave
ImageList_DragEnter
ImageList_Remove
CreateStatusWindowA
ImageList_GetBkColor
ImageList_AddMasked
ImageList_LoadImageW

user32

RedrawWindow
PeekMessageA
IsRectEmpty
OpenClipboard
KillTimer
SetFocus
GetIconInfo
InsertMenuA
SetPropA

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84e3dc8a30e853eafe8bcf14d88ae827

Headers

File Characteristics

Imports

msvcrt

kernel32

oleaut32

gdi32

shell32

advapi32

version

ole32

comctl32

user32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 17KB - Virtual size: 39KB

.rsrc Size: 105KB - Virtual size: 105KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 17KB - Virtual size: 39KB

.rsrc
Size: 105KB - Virtual size: 105KB