Static task: static1
Behavioral task: behavioral1
Sample: 0e4039658698c50c43cd218ca071b0e6_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 0e4039658698c50c43cd218ca071b0e6_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 0e4039658698c50c43cd218ca071b0e6_JaffaCakes118
Size: 85KB
MD5: 0e4039658698c50c43cd218ca071b0e6
SHA1: ded940f15c60b340bfd02eaf4941059c36339aa9
SHA256: 8b6a30286b7ac490fbf43f86751fae72913c16694d5883293c3bc8136aca4df6
SHA512: d5fd174f48235fae773da07897ca46466e159df87f46183d27b76a81e55df2c9249f0e99c860fcb98e6207458d06ee9b4149cecd07a76ee4c8c4ff28023463f2
SSDEEP: 1536:zqDK1GT+wQvSALGApz/tWVm2vY+kq0QZRk1mG5E6NcvT1Xv:gWGCwQ6ALGApxwrhR5G5E+cvT1/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0e4039658698c50c43cd218ca071b0e6_JaffaCakes118
Files
0e4039658698c50c43cd218ca071b0e6_JaffaCakes118.exe windows:5 windows x86 arch:x86
937439adcd9e96eac8af8992f68f882d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
GetSysColor
FrameRect
GetScrollPos
SetWindowPos
EqualRect
EnableMenuItem
SetWindowTextA
GetSysColorBrush
UnhookWindowsHookEx
GetSubMenu
GetMessageA
PostQuitMessage
EnumWindows
kernel32
GetSystemTime
GetThreadLocale
GetTickCount
SetUnhandledExceptionFilter
GetStartupInfoA
QueryPerformanceCounter
RtlUnwind
GetCurrentProcessId
VirtualAllocEx
InterlockedExchange
GetTimeZoneInformation
ExitProcess
GetTempPathA
GetACP
GetFileAttributesA
FileTimeToSystemTime
gdi32
GetMapMode
SetViewportExtEx
CreateCompatibleBitmap
CopyEnhMetaFileA
CreateICW
FillRgn
DPtoLP
SelectClipPath
ExcludeClipRect
ole32
CoInitialize
CoRevokeClassObject
CoTaskMemRealloc
StgOpenStorage
StringFromGUID2
CoInitializeSecurity
OleRun
CoCreateInstance
DoDragDrop
advapi32
QueryServiceStatus
GetUserNameA
FreeSid
GetSecurityDescriptorDacl
CheckTokenMembership
RegCreateKeyExW
CryptHashData
RegCreateKeyA
RegQueryValueExW
AdjustTokenPrivileges
msvcrt
raise
_flsbuf
puts
signal
_strdup
_mbscmp
__setusermatherr
fprintf
fflush
_fdopen
strlen
__initenv
_lock
_CIpow
iswspace
__getmainargs
strcspn
strncpy
comctl32
ImageList_DrawEx
ImageList_DragEnter
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_GetBkColor
ImageList_Write
CreatePropertySheetPageA
ImageList_GetIconSize
ImageList_GetIcon
InitCommonControls
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_SetIconSize
shell32
DragQueryFileW
DoEnvironmentSubstW
DragQueryFileA
ShellExecuteW
DragAcceptFiles
SHGetPathFromIDList
SHBrowseForFolderA
ExtractIconExW
CommandLineToArgvW
ShellExecuteEx
ExtractIconW
oleaut32
SafeArrayRedim
SafeArrayPtrOfIndex
SafeArrayPutElement
VariantCopy
SysReAllocStringLen
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayGetUBound
Sections
.text Size: 35KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ