14faaeb1594e2f931fec4ce88756a6f8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14faaeb1594e2f931fec4ce88756a6f8_JaffaCakes118
Size

141KB
MD5

14faaeb1594e2f931fec4ce88756a6f8
SHA1

c2712be7a5ede3653db9c70bc7209d1c46fed3a4
SHA256

6ebe06796f64a46bfdc49bd304aea34b90da597f85c24e46757509131fc15437
SHA512

ebbcc2f7c9df46a35a08ec8c6956281d71e784007ee57b5d6934b7e85f7447d7e7714ba16bf7d2ffc1ac496174232b1adebcd5fc05d06ac29d5b1ce352ec7007
SSDEEP

3072:n7C7nDYkmzbbY65+qlL0zi85TtVyLsX/UWoDYBc/rV8K1IP:n7KXmLhciKtIScLDYBArV8Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14faaeb1594e2f931fec4ce88756a6f8_JaffaCakes118

Files

14faaeb1594e2f931fec4ce88756a6f8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7694199f84317c53defceb0da07e3ff9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

exit
__getmainargs
_controlfp
strcmp
clock
memcmp
_acmdln
time
__p__commode
strncmp
iswdigit
__setusermatherr
_except_handler3
srand
calloc
_initterm
_XcptFilter
printf
__p__fmode
log10
_adjust_fdiv
memset
__set_app_type

kernel32

GlobalReAlloc
GetStartupInfoA
GetModuleHandleA
MultiByteToWideChar
VirtualProtect
GetCommandLineW
FileTimeToSystemTime
CompareFileTime
GetCurrentProcess
lstrcatA
lstrcmpiA
GetVersionExW

gdi32

AbortDoc
GetTextExtentExPointW
CreateMetaFileW
SetDIBColorTable
PlayMetaFile

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetSettings
SHGetFolderPathW
ExtractIconW
ShellExecuteW
DragAcceptFiles
Shell_NotifyIconA
SHGetFolderLocation
ShellExecuteEx
DragQueryFile

ole32

DoDragDrop
IsAccelerator
CLSIDFromString
OleIsCurrentClipboard
OleDraw
OleGetClipboard
StgOpenStorage
CoReleaseMarshalData
RevokeDragDrop

comctl32

ImageList_DrawEx
ImageList_ReplaceIcon
CreatePropertySheetPageA
ImageList_EndDrag
ImageList_Read
PropertySheetA
ImageList_SetImageCount
ImageList_LoadImageA
ImageList_DragShowNolock
ImageList_GetImageInfo
ImageList_SetDragCursorImage
ImageList_Write
ImageList_GetIconSize

version

VerInstallFileW
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoA
VerQueryValueA
VerInstallFileA
VerFindFileW

user32

GetDC
ScrollWindow
GetDlgItem
GetForegroundWindow
GetKeyState
ShowOwnedPopups
SetWindowLongA
ShowCursor
FrameRect

oleaut32

SafeArrayRedim
LoadTypeLib
SysReAllocStringLen
VariantCopyInd
SafeArrayGetElement
SafeArrayGetUBound
SetErrorInfo
SafeArrayCreate
GetErrorInfo
SysStringLen

advapi32

RegCreateKeyExA
CheckTokenMembership
OpenSCManagerA
CryptReleaseContext
OpenServiceA

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7694199f84317c53defceb0da07e3ff9

Headers

File Characteristics

Imports

msvcrt

kernel32

gdi32

shell32

ole32

comctl32

version

user32

oleaut32

advapi32

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 17KB - Virtual size: 41KB

.rsrc Size: 105KB - Virtual size: 105KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 17KB - Virtual size: 41KB

.rsrc
Size: 105KB - Virtual size: 105KB