1b9c599b1c99852ec3706bad22d09307_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1b9c599b1c99852ec3706bad22d09307_JaffaCakes118
Size

99KB
MD5

1b9c599b1c99852ec3706bad22d09307
SHA1

61a67c82d2cbd7081b026c6225bb988aa80ec48d
SHA256

88b7dd4069c9997dcd5721c2da3550a1a251c18413b866b0b0e7db1ea7d16185
SHA512

01d8f16a0047793dffabfbc3925edbcab20e7da5745707a65c58195910ca475729cf581a16808b08d4a97cab191bc3e4f80400800901e48f2f74ff8e186667f5
SSDEEP

3072:8j8827gTC0K/m89r76+KOcyJNjws7Trhcii:8c7gTC0KesqX7yJNjx7fhf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b9c599b1c99852ec3706bad22d09307_JaffaCakes118

Files

1b9c599b1c99852ec3706bad22d09307_JaffaCakes118
.exe windows:4 windows x86 arch:x86

75e0f5ce767a1be86c3078faa57716af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
GetSystemDirectoryA
GetModuleHandleA
SetStdHandle
SetThreadLocale
GetStartupInfoA
FileTimeToDosDateTime
CompareStringW
DeleteFileW
GetCurrentProcess
lstrcpynA
GetTempFileNameA

user32

SetRect
BeginPaint
SetTimer
GetMessageA
SetMenu
ClientToScreen
GetSysColor

msvcrt

_except_handler3
exit
_initterm
strerror
_adjust_fdiv
memcmp
__getmainargs
iswctype
setlocale
__setusermatherr
__p__commode
_dup2
wcschr
sqrt
_acmdln
atof
free
__set_app_type
iswspace
_XcptFilter
printf
iswdigit
fwrite
__p__fmode
isspace

comctl32

DestroyPropertySheetPage
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragShowNolock
CreateStatusWindowA
ImageList_AddMasked
InitCommonControls
PropertySheetW
ImageList_SetDragCursorImage
ImageList_Draw
ImageList_Create
ImageList_BeginDrag
PropertySheetA
ImageList_Remove
InitCommonControlsEx
ImageList_Write

advapi32

RegFlushKey
OpenServiceW
RegCreateKeyExW
CryptHashData
RegQueryValueExA
RegEnumValueA
RegDeleteKeyA

ole32

ProgIDFromCLSID
OleRun
StgCreateDocfileOnILockBytes
GetRunningObjectTable
CoLoadLibrary
CoDisconnectObject
CreateStreamOnHGlobal
CoRevokeClassObject
StringFromIID
CoInitialize
CreateBindCtx

shell32

SHFileOperationW
Shell_NotifyIconW
ShellExecuteExW
SHFileOperationA
ShellExecuteEx
FindExecutableW
SHCreateDirectoryExW
DoEnvironmentSubstW
SHAddToRecentDocs

oleaut32

SysAllocStringLen
GetActiveObject
SafeArrayGetElement
GetErrorInfo
VariantCopyInd
VariantInit
SafeArrayUnaccessData

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75e0f5ce767a1be86c3078faa57716af

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

comctl32

advapi32

ole32

shell32

oleaut32

Sections

.text Size: 69KB - Virtual size: 68KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 69KB - Virtual size: 68KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 25KB - Virtual size: 25KB