16caaf82ced6c3ceef3da78e23553dec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16caaf82ced6c3ceef3da78e23553dec_JaffaCakes118
Size

81KB
MD5

16caaf82ced6c3ceef3da78e23553dec
SHA1

2646329c21b791acfb4d738d2bc7b58c8083d5f9
SHA256

8cdba962fcd6df6bcec67e0edbb3ba7e8661ffd0f29bec5015dfdc96aa786dec
SHA512

7ccb07fb862ecca2852c06f512eb2a4b08c5ab35389663e24ea1809df4f20b9810c3fb9ceb1e8d979d54080c83f80bc3061ad37184efdf6867af0c260f9a55a3
SSDEEP

1536:JR/BrpMJZAgtcswJ0R/9X1Z/lfdumQNH8WGbso5gSnvQXWxYmG:z/By3AgtcswaLXnZdAp8Hso5/nvzxc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16caaf82ced6c3ceef3da78e23553dec_JaffaCakes118

Files

16caaf82ced6c3ceef3da78e23553dec_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9bee7bbaa8fc98f3010bac08f8c46a05

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetScrollPos
SetWindowTextA
EqualRect
GetSysColorBrush
GetMessageA
UnhookWindowsHookEx
PostQuitMessage
EnableMenuItem
GetSysColor
EnumWindows
FrameRect
GetSubMenu
SetWindowPos

kernel32

GetCurrentProcessId
InterlockedExchange
GetTickCount
GetTempPathA
RtlUnwind
ExitProcess
FileTimeToSystemTime
GetStartupInfoA
SetUnhandledExceptionFilter
GetThreadLocale
GetOEMCP
GetTimeZoneInformation
GetSystemTime
GetFileAttributesA
GetACP
VirtualAllocEx

gdi32

SetViewportExtEx
CreateCompatibleBitmap
SelectClipPath
DPtoLP
FillRgn
CreateICW
ExcludeClipRect
CopyEnhMetaFileA
GetMapMode

ole32

DoDragDrop
CoInitialize
CoCreateInstance
StgOpenStorage
CoTaskMemRealloc
StringFromGUID2
CoRevokeClassObject
CoInitializeSecurity
OleRun

advapi32

RegCreateKeyExW
CryptHashData
CheckTokenMembership
GetSecurityDescriptorDacl
AdjustTokenPrivileges
GetUserNameA
QueryServiceStatus
FreeSid
RegCreateKeyA
RegQueryValueExW

msvcrt

iswspace
__setusermatherr
_strdup
_flsbuf
_CIpow
raise
fprintf
_lock
puts
_fdopen
signal
strncpy
fflush
strcspn
strlen
__getmainargs
_mbscmp
__initenv

comctl32

ImageList_GetIcon
CreatePropertySheetPageA
ImageList_SetIconSize
ImageList_ReplaceIcon
InitCommonControls
ImageList_Write
ImageList_DragEnter
ImageList_DrawEx
ImageList_GetIconSize
ImageList_Destroy
ImageList_GetBkColor
ImageList_LoadImageA
ImageList_LoadImageW

shell32

ShellExecuteEx
CommandLineToArgvW
DragQueryFileW
SHGetPathFromIDList
SHBrowseForFolderA
ExtractIconW
DragQueryFileA
DoEnvironmentSubstW
ExtractIconExW
DragAcceptFiles
ShellExecuteW

oleaut32

SafeArrayRedim
SafeArrayPutElement
SysReAllocStringLen
SafeArrayPtrOfIndex
SafeArrayCreate
SafeArrayUnaccessData
VariantCopy
SafeArrayGetUBound

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9bee7bbaa8fc98f3010bac08f8c46a05

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ole32

advapi32

msvcrt

comctl32

shell32

oleaut32

Sections

.text Size: 33KB - Virtual size: 33KB

.data Size: 41KB - Virtual size: 40KB

.rsrc Size: 6KB - Virtual size: 80KB

.text
Size: 33KB - Virtual size: 33KB

.data
Size: 41KB - Virtual size: 40KB

.rsrc
Size: 6KB - Virtual size: 80KB