14942fdb72bac2e5c46d3a56b0ff0ec4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14942fdb72bac2e5c46d3a56b0ff0ec4_JaffaCakes118
Size

142KB
MD5

14942fdb72bac2e5c46d3a56b0ff0ec4
SHA1

60f083db02c6d361b0e7391b71cfdf0a5de5f4c2
SHA256

ccc0f0dab311bf4ae4c3ab1a59dc0c81c78fe27eea23926626cb470750422a71
SHA512

6d6c4e1032c3e22e031ed576aef5daf4789439dd7cf3c5b65194150f84f665529754c825b802184939af22a75183f1dc395083af1730409e4ff2e0848618422f
SSDEEP

3072:U4hD7Xu3uqUe2+6/BKj/H1bJ4sc44lc487h:JOuqUEVjPhJ4W4V89

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14942fdb72bac2e5c46d3a56b0ff0ec4_JaffaCakes118

Files

14942fdb72bac2e5c46d3a56b0ff0ec4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f0076d203867dde3953eb6e473c2ab0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLocaleInfoA
GetLastError
GetCommandLineA
GetCommandLineW
GetLocaleInfoW
VirtualProtect
lstrcmpiA
GetFileAttributesW
GetSystemTimeAsFileTime
GetModuleHandleA
SetLastError
GetStartupInfoA

msvcrt

_XcptFilter
__p__commode
__dllonexit
_acmdln
exit
_ftol
_except_handler3
__set_app_type
_wtoi
_setmode
_initterm
strstr
__p__fmode
strrchr
__getmainargs
log
srand
_adjust_fdiv
__setusermatherr
tolower

user32

FrameRect
GetScrollPos
DestroyMenu
GetCursorPos
PeekMessageA
CloseClipboard
IsWindowEnabled
GetWindowTextA
GetCapture

oleaut32

GetActiveObject
SysFreeString
VariantCopyInd
VariantCopy
VariantClear
SysStringLen
SafeArrayCreate
SafeArrayGetUBound
SafeArrayPutElement
SysAllocStringByteLen
SafeArrayUnaccessData

ole32

CreateStreamOnHGlobal
CreateItemMoniker
CoLoadLibrary
OleIsCurrentClipboard
CoDisconnectObject
StgOpenStorageOnILockBytes
OleRun
CLSIDFromString
CoRevokeClassObject

comctl32

DestroyPropertySheetPage
ImageList_Replace
ImageList_Write
ImageList_Read
ImageList_DrawEx
ImageList_Draw
ImageList_DragEnter

version

VerQueryValueA
GetFileVersionInfoSizeA
VerInstallFileW
GetFileVersionInfoA
VerFindFileW
VerLanguageNameA
VerInstallFileA
GetFileVersionInfoSizeW

shell32

SHGetMalloc
DoEnvironmentSubstW
SHBindToParent
ExtractAssociatedIconW
SHGetPathFromIDList
SHGetPathFromIDListA

advapi32

InitializeAcl
GetTokenInformation
OpenProcessToken
RevertToSelf
CryptCreateHash
RegFlushKey
CryptHashData
OpenSCManagerA
RegQueryValueExW
CloseServiceHandle
OpenSCManagerW

gdi32

RestoreDC
CreateICA
SetBkMode
SetDIBColorTable
EnumEnhMetaFile
ExtTextOutW
GetTextExtentPoint32A
GetMapMode
TextOutA
ExtCreatePen

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f0076d203867dde3953eb6e473c2ab0

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

oleaut32

ole32

comctl32

version

shell32

advapi32

gdi32

Sections

.text Size: 64KB - Virtual size: 64KB

.data Size: 49KB - Virtual size: 48KB

.rsrc Size: 27KB - Virtual size: 27KB

.text
Size: 64KB - Virtual size: 64KB

.data
Size: 49KB - Virtual size: 48KB

.rsrc
Size: 27KB - Virtual size: 27KB