08b3b94756ca7cab1c775b593827e8fb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

08b3b94756ca7cab1c775b593827e8fb_JaffaCakes118
Size

149KB
MD5

08b3b94756ca7cab1c775b593827e8fb
SHA1

20f4fe828f627e3ed4bb7be7a1418e46f390360a
SHA256

2c9f123a0a744cee7f014b6545d76c9ea81d972e0006b5d03d775b7a9b52c2a8
SHA512

0a05b1ec4fc1761fe06cbec0ae093c6332faecd8260da7d63963b4b9172ded161fa9f769d64a45ea6ab9f8cc3515520ed4962ef51b2189e506123d913bbb587f
SSDEEP

3072:p1DiKV331tzi2puN/m4ew7FaLrQRsd1xz2X0jWTPmv7Opl:JVS2qm45A5d1xz2X0KiyT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08b3b94756ca7cab1c775b593827e8fb_JaffaCakes118

Files

08b3b94756ca7cab1c775b593827e8fb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

af87015c97334554d8aca488f80dbdda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_cexit
__p__commode
__setusermatherr
__getmainargs
_acmdln
_adjust_fdiv
__set_app_type
exit
_XcptFilter
__p__fmode
_controlfp
_except_handler3
_initterm
log10
_osver
_isctype

kernel32

WideCharToMultiByte
GetThreadLocale
GetStartupInfoA
FlushFileBuffers
GetEnvironmentStringsW
lstrlenW
VirtualProtect
FreeEnvironmentStringsA
FileTimeToLocalFileTime
GlobalHandle
GetModuleHandleA

advapi32

QueryServiceStatus
AdjustTokenPrivileges
RegDeleteKeyW
RegDeleteKeyA
RegSetValueExW
RegEnumValueW
SetSecurityDescriptorDacl
RegCloseKey
RegQueryValueExW
InitiateSystemShutdownA
RegDeleteValueA
RegOpenKeyExW

shell32

Shell_NotifyIconW
ShellExecuteExA
SHBindToParent
SHGetDesktopFolder
SHGetPathFromIDListA
SHCreateDirectoryExA

version

VerInstallFileA
VerFindFileW
GetFileVersionInfoA
VerInstallFileW
GetFileVersionInfoSizeW
VerLanguageNameA

oleaut32

SafeArrayUnaccessData
SysAllocStringByteLen
LoadTypeLib
GetActiveObject
VariantClear
VariantCopyInd
SafeArrayPtrOfIndex
SafeArrayPutElement
SysReAllocStringLen
GetErrorInfo
SafeArrayCreate

ole32

OleSetClipboard
CoRegisterClassObject
CoCreateGuid
IIDFromString
CoFreeUnusedLibraries
StringFromIID
IsAccelerator

comctl32

ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_GetImageCount
InitCommonControlsEx
ImageList_Read
CreatePropertySheetPageW
ImageList_Replace
ImageList_Create

user32

GetScrollInfo
SystemParametersInfoA
SendDlgItemMessageA
OemToCharA
IsRectEmpty
GetKeyboardType
SetPropA
TranslateMessage
CreateWindowExA
GetMenuItemID
GetSysColor
DrawFrameControl

gdi32

SetTextJustification
CreatePenIndirect
ExtSelectClipRgn
SetColorAdjustment
ExtCreateRegion
CreateCompatibleDC
IntersectClipRect
CreateHalftonePalette
GetObjectType
TextOutW

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

af87015c97334554d8aca488f80dbdda

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

shell32

version

oleaut32

ole32

comctl32

user32

gdi32

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 17KB - Virtual size: 40KB

.rsrc Size: 112KB - Virtual size: 184KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 17KB - Virtual size: 40KB

.rsrc
Size: 112KB - Virtual size: 184KB