Static task: static1
Behavioral task: behavioral1
  Sample: 16863e6d48754faa13d8b3644f2e2d89_JaffaCakes118.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 16863e6d48754faa13d8b3644f2e2d89_JaffaCakes118.exe
  Resource: win10v2004-20240508-en
General
Target: 16863e6d48754faa13d8b3644f2e2d89_JaffaCakes118
Size: 214KB
MD5: 16863e6d48754faa13d8b3644f2e2d89
SHA1: 5870206331f8845d2220c8a9871e64a95e423399
SHA256: 4677029c9df8c58626655209e34e339d4dc17cef5e4c5335014398f35fb362b3
SHA512: 8c8d788d2d3d3f85aa7040be4f87836d71e26cab1320c0fba1e79b5a2f6cffd3277f89eb6d2117193f3be8ea8d1577c5aadee27eb0863a279ba3caaaa541d1cb
SSDEEP: 6144:iX8rnJ6qHYLSmBg6yrOxDf/HnXj0PQkLbbR5D:LnJ6qHxmBuwHHnK5D
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 16863e6d48754faa13d8b3644f2e2d89_JaffaCakes118
Files
16863e6d48754faa13d8b3644f2e2d89_JaffaCakes118.exe windows:4 windows x86 arch:x86
b2ce4c6d4fbeaeb82b5d3db51f11c023
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoGetMalloc
CoInitialize
CoMarshalInterThreadInterfaceInStream
CoReleaseMarshalData
CoSetProxyBlanket
CoTaskMemRealloc
CreateItemMoniker
GetRunningObjectTable
IIDFromString
OleGetClipboard
OleIsCurrentClipboard
OleSetMenuDescriptor
PropVariantClear
ReleaseStgMedium
RevokeDragDrop
StgOpenStorage
StringFromIID
shell32
ExtractIconExA
ExtractIconW
SHBindToParent
SHChangeNotify
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFolderLocation
SHGetFolderPathW
SHGetMalloc
SHGetSpecialFolderPathA
ShellExecuteEx
Shell_NotifyIconW
kernel32
CreateEventA
CreateFileW
CreateProcessW
DuplicateHandle
EnumCalendarInfoA
FindNextFileA
FreeEnvironmentStringsA
GetCPInfo
GetCurrentThreadId
GetFileSize
GetLocalTime
GetStringTypeA
GetSystemTimeAsFileTime
GetTickCount
GetVersion
GlobalDeleteAtom
HeapCreate
InterlockedCompareExchange
LoadResource
OpenProcess
SetErrorMode
SetFileTime
Sleep
TerminateThread
VirtualProtect
lstrcmpA
lstrlenW
advapi32
AddAccessAllowedAce
CheckTokenMembership
ConvertStringSecurityDescriptorToSecurityDescriptorW
CryptAcquireContextA
CryptDestroyHash
CryptGenRandom
EqualSid
LookupPrivilegeValueW
OpenProcessToken
OpenServiceA
RegDeleteValueW
RegEnumKeyA
RegEnumKeyExW
RegEnumKeyW
RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyW
RegQueryValueA
RegQueryValueExW
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner
comctl32
ImageList_Add
ImageList_AddMasked
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_GetImageInfo
ImageList_SetBkColor
ImageList_Write
InitCommonControls
InitCommonControlsEx
gdi32
CreateBrushIndirect
CreateFontIndirectW
CreateHatchBrush
CreateICA
DPtoLP
EndPage
EnumFontFamiliesExA
ExtSelectClipRgn
FillRgn
GetBkColor
GetEnhMetaFilePaletteEntries
GetOutlineTextMetricsA
GetPaletteEntries
GetPixel
LPtoDP
RectVisible
SelectClipRgn
StretchBlt
user32
DestroyMenu
EnableWindow
EndDialog
GetActiveWindow
GetClassNameA
GetIconInfo
GetKeyboardType
IsRectEmpty
IsZoomed
LoadStringA
OffsetRect
PeekMessageA
ReleaseDC
RemovePropA
SetMenu
SetScrollRange
SetWindowLongA
SystemParametersInfoA
Sections
.text Size: 89KB - Virtual size: 89KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
3VvVoQZP Size: 2KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ