Static task
static1
Behavioral task
behavioral1
Sample
1acf08c3e2ae0b7edf50350a8730ee48_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
1acf08c3e2ae0b7edf50350a8730ee48_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
1acf08c3e2ae0b7edf50350a8730ee48_JaffaCakes118
Size
80KB
MD5
1acf08c3e2ae0b7edf50350a8730ee48
SHA1
7077d4604110dddc5a4afc4678192565731f4edb
SHA256
25366708d27d5de3cd0f50ed121c99da1298f1481bca178a81f1287f432652d2
SHA512
db27d18df4d8740daf8997824f467a5fe8ec6acf3dcfe674b1ddee990ec7d22bdefde08b6b91a2cd9e185df46a5afb7ce9e19726f4b3db0e7f7ab7a40001182a
SSDEEP
1536:dPPEyu6yr1OY+4RI2WGBDxj54UrMW1jFLuMSADz72mMyWsSsM:dPP7u7x5Wqt+UgW/yuDvPxWs
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1acf08c3e2ae0b7edf50350a8730ee48_JaffaCakes118
Files
1acf08c3e2ae0b7edf50350a8730ee48_JaffaCakes118.exe windows:4 windows x86 arch:x86
ec56ff4a0ae274c36bc94f9bccf139b8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
PostQuitMessage
SetWindowPos
UnhookWindowsHookEx
SetWindowTextA
EnumWindows
FrameRect
EqualRect
GetMessageA
GetSysColorBrush
GetSubMenu
EnableMenuItem
GetScrollPos
GetSysColor
kernel32
ExitProcess
GetTickCount
GetThreadLocale
GetCurrentProcessId
InterlockedExchange
FileTimeToSystemTime
GetTimeZoneInformation
GetTempPathA
VirtualAllocEx
RtlUnwind
GetSystemTime
SetUnhandledExceptionFilter
GetStartupInfoA
GetFileAttributesA
GetOEMCP
gdi32
CopyEnhMetaFileA
FillRgn
GetMapMode
DPtoLP
SetViewportExtEx
ExcludeClipRect
SelectClipPath
CreateICW
CreateCompatibleBitmap
ole32
DoDragDrop
CoTaskMemRealloc
StgOpenStorage
CoRevokeClassObject
OleRun
StringFromGUID2
CoInitializeSecurity
CoInitialize
CoCreateInstance
advapi32
GetUserNameA
RegQueryValueExW
GetSecurityDescriptorDacl
RegCreateKeyA
CryptHashData
CheckTokenMembership
FreeSid
AdjustTokenPrivileges
QueryServiceStatus
RegCreateKeyExW
msvcrt
_mbscmp
strncpy
__setusermatherr
_fdopen
strlen
strcspn
raise
iswspace
_flsbuf
__initenv
__getmainargs
fflush
_CIpow
signal
puts
fprintf
_strdup
_lock
comctl32
ImageList_Write
ImageList_Destroy
CreatePropertySheetPageA
ImageList_LoadImageA
ImageList_DragEnter
ImageList_SetIconSize
ImageList_GetIcon
ImageList_GetBkColor
ImageList_DrawEx
ImageList_LoadImageW
InitCommonControls
ImageList_GetIconSize
ImageList_ReplaceIcon
shell32
ShellExecuteEx
CommandLineToArgvW
SHGetPathFromIDList
SHBrowseForFolderA
DragQueryFileA
ExtractIconExW
ExtractIconW
DragAcceptFiles
ShellExecuteW
DoEnvironmentSubstW
DragQueryFileW
oleaut32
VariantCopy
SafeArrayGetUBound
SysReAllocStringLen
SafeArrayPtrOfIndex
SafeArrayCreate
SafeArrayPutElement
SafeArrayRedim
SafeArrayUnaccessData
Sections
.text Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ztscjkf Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE