Static task: static1
Behavioral task: behavioral1
  Sample: 0b27793b8ac0ab0d574fa9a68ed666bc_JaffaCakes118.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 0b27793b8ac0ab0d574fa9a68ed666bc_JaffaCakes118.exe
  Resource: win10v2004-20240611-en
General
Target: 0b27793b8ac0ab0d574fa9a68ed666bc_JaffaCakes118
Size: 106KB
MD5: 0b27793b8ac0ab0d574fa9a68ed666bc
SHA1: 9f10b7465b9c79cf25663947c0aafe454ac837b0
SHA256: 0d9f5619e6cfd481a8c3a65afd87db01c044ae8c2efeaeee872277bf7eba0a4d
SHA512: 8e1aebc802e2f425707df2732d4c2a93d5bdc948aa88198fb898d660b5f27745b375f509f4e8714ae1d876a425b45c512c93a9341bd16894d7f7e0233a81e570
SSDEEP: 3072:BEhroL2boVboZdxwWrx9038P5XX45ADAVt1296CSmzh7bkm:2rdVweJZMVt1296s7wm
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0b27793b8ac0ab0d574fa9a68ed666bc_JaffaCakes118
Files
0b27793b8ac0ab0d574fa9a68ed666bc_JaffaCakes118.exe windows:5 windows x86 arch:x86
9969dfbb52ffd80990e172c98ad62f71
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
SetWindowTextA
GetScrollPos
EnableMenuItem
FrameRect
GetSubMenu
EnumWindows
SetWindowPos
UnhookWindowsHookEx
GetSysColorBrush
PostQuitMessage
EqualRect
GetSysColor
GetMessageA
kernel32
GetACP
RtlUnwind
FileTimeToSystemTime
InterlockedExchange
GetFileAttributesA
VirtualAllocEx
GetCurrentProcessId
GetSystemTime
ExitProcess
GetThreadLocale
GetStartupInfoA
GetTempPathA
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetOEMCP
GetTimeZoneInformation
gdi32
FillRgn
SetViewportExtEx
ExcludeClipRect
DPtoLP
SelectClipPath
GetMapMode
CopyEnhMetaFileA
CreateCompatibleBitmap
CreateICW
ole32
CoInitialize
DoDragDrop
StringFromGUID2
CoTaskMemRealloc
CoInitializeSecurity
CoRevokeClassObject
CoCreateInstance
StgOpenStorage
OleRun
advapi32
AdjustTokenPrivileges
RegCreateKeyExW
GetUserNameA
QueryServiceStatus
RegQueryValueExW
GetSecurityDescriptorDacl
RegCreateKeyA
CryptHashData
FreeSid
CheckTokenMembership
msvcrt
_CIpow
fflush
signal
__getmainargs
puts
fprintf
__setusermatherr
strcspn
_mbscmp
_fdopen
_strdup
strlen
raise
__initenv
_lock
iswspace
_flsbuf
strncpy
comctl32
InitCommonControls
CreatePropertySheetPageA
ImageList_GetBkColor
ImageList_GetIcon
ImageList_SetIconSize
ImageList_LoadImageA
ImageList_GetIconSize
ImageList_Write
ImageList_LoadImageW
ImageList_Destroy
ImageList_DragEnter
ImageList_ReplaceIcon
ImageList_DrawEx
shell32
SHGetPathFromIDList
DoEnvironmentSubstW
ShellExecuteW
SHBrowseForFolderA
ExtractIconExW
ExtractIconW
CommandLineToArgvW
ShellExecuteEx
DragQueryFileW
DragAcceptFiles
DragQueryFileA
oleaut32
VariantCopy
SafeArrayPtrOfIndex
SafeArrayGetUBound
SysReAllocStringLen
SafeArrayUnaccessData
SafeArrayRedim
SafeArrayCreate
SafeArrayPutElement
Sections
.text Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cmrjkio Size: 4KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE