Static task
static1
Behavioral task
behavioral1
Sample
0e40e1dff69c5f5a0904b8cbf9c75cfb_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
0e40e1dff69c5f5a0904b8cbf9c75cfb_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
Target: 0e40e1dff69c5f5a0904b8cbf9c75cfb_JaffaCakes118
Size: 88KB
MD5: 0e40e1dff69c5f5a0904b8cbf9c75cfb
SHA1: 39c1e61a8ff118067ec16363a87dd989bbd4b291
SHA256: ac145c329c9d21eac139dc7f82aab6f8dd292f1e25ae9c08e28debf63783e9b2
SHA512: b9debe7083e62af7ac09db08c8a63f3f3c62ddd0af4a489c509da9f85260232027eb46d3a1eccf9820975f098e401a2378e6baee75e74cdead0d482fedbb7cf3
SSDEEP: 1536:hBAmjel69003XMNGRYyHxd9G7jy3h2Tkeqhjw5ux1ucRvmWtbOfHwqwpPk46T:8HlAnXMIDRfEbwVjw8/uGvDtIHwqwpPI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0e40e1dff69c5f5a0904b8cbf9c75cfb_JaffaCakes118
Files
0e40e1dff69c5f5a0904b8cbf9c75cfb_JaffaCakes118.exe windows:5 windows x86 arch:x86
e029150f5445a3f6e06329593ed0e564
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
UnhookWindowsHookEx
GetMessageA
SetWindowPos
GetSubMenu
FrameRect
PostQuitMessage
GetScrollPos
EqualRect
GetSysColorBrush
SetWindowTextA
GetSysColor
EnumWindows
EnableMenuItem
kernel32
GetStartupInfoA
SetUnhandledExceptionFilter
VirtualAllocEx
GetTimeZoneInformation
GetSystemTime
GetCurrentProcessId
GetTickCount
InterlockedExchange
ExitProcess
GetACP
GetTempPathA
GetFileAttributesA
GetThreadLocale
FileTimeToSystemTime
RtlUnwind
gdi32
FillRgn
SetViewportExtEx
CreateICW
CreateCompatibleBitmap
GetMapMode
DPtoLP
ExcludeClipRect
SelectClipPath
CopyEnhMetaFileA
ole32
DoDragDrop
CoCreateInstance
CoInitializeSecurity
OleRun
CoTaskMemRealloc
StgOpenStorage
CoRevokeClassObject
CoInitialize
StringFromGUID2
advapi32
GetSecurityDescriptorDacl
FreeSid
RegCreateKeyA
RegCreateKeyExW
AdjustTokenPrivileges
CheckTokenMembership
QueryServiceStatus
RegQueryValueExW
GetUserNameA
CryptHashData
msvcrt
_strdup
iswspace
__initenv
strncpy
strlen
signal
strcspn
_lock
__getmainargs
_CIpow
__setusermatherr
_mbscmp
fprintf
_fdopen
puts
raise
_flsbuf
fflush
comctl32
ImageList_GetBkColor
ImageList_DragEnter
ImageList_SetIconSize
ImageList_DrawEx
ImageList_Destroy
InitCommonControls
ImageList_LoadImageA
CreatePropertySheetPageA
ImageList_LoadImageW
ImageList_Write
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetIconSize
shell32
CommandLineToArgvW
DoEnvironmentSubstW
ShellExecuteW
SHBrowseForFolderA
DragQueryFileA
SHGetPathFromIDList
DragQueryFileW
ExtractIconW
ShellExecuteEx
DragAcceptFiles
ExtractIconExW
oleaut32
SafeArrayCreate
VariantCopy
SafeArrayGetUBound
SafeArrayRedim
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayPtrOfIndex
SysReAllocStringLen
Sections
.text Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 45KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
hmulmjv Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE