21aa5ec9e0385df075dd5fbaf0aacf95_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

21aa5ec9e0385df075dd5fbaf0aacf95_JaffaCakes118
Size

132KB
MD5

21aa5ec9e0385df075dd5fbaf0aacf95
SHA1

1ab112fa5c2affb6b8f4951e528923287ff004b2
SHA256

c731709572e49d746f26ba5b4b4ba12b5bf535c104504fbcce4b3ce607ffc298
SHA512

eec65bef06c5a2d886445b971fa033361690c65544002170dc48e2a36860e06a4ee44d9ab3cd05ada64156046fe4e7aaed76e71ea7255fcee92474fb55d3308a
SSDEEP

3072:DtEpLUMIUH7/5+wKEyFqMkQIATCEoUntPTnDNYYGS1Xjyb319gqPQuFK:DtEp5C3FflZC7OpgS0b319gS1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21aa5ec9e0385df075dd5fbaf0aacf95_JaffaCakes118

Files

21aa5ec9e0385df075dd5fbaf0aacf95_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d6854cfcef21522bb4b6dcb3aacd70f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetTempFileNameA
VirtualProtect
GetModuleHandleA
GetCommandLineW
LocalAlloc
FileTimeToSystemTime
DisableThreadLibraryCalls
LCMapStringA
GetStartupInfoA

msvcrt

__p__fmode
_write
_adjust_fdiv
_controlfp
_isatty
_acmdln
__setusermatherr
__p__commode
_XcptFilter
exit
_filbuf
_initterm
log10
__badioinfo
strstr
__set_app_type
__getmainargs
_except_handler3

gdi32

PlayEnhMetaFile
CreateBitmap
SetWinMetaFileBits
SelectClipRgn
GdiFlush
GetNearestPaletteIndex
SetGraphicsMode
TextOutW
ExtTextOutW
RectVisible

comctl32

ImageList_SetDragCursorImage
ImageList_Create
CreateToolbarEx
ImageList_ReplaceIcon
ImageList_GetImageCount
InitializeFlatSB
ImageList_EndDrag
PropertySheetW

user32

IsIconic
FindWindowA
CallWindowProcA
GetParent
DialogBoxParamA
GetSubMenu
GetSystemMenu
PtInRect

shell32

DragQueryFileW
SHGetPathFromIDListA
SHBindToParent
SHChangeNotify
SHAppBarMessage
SHBrowseForFolder
ShellExecuteW
SHGetFileInfo
ShellExecuteA
SHGetSpecialFolderLocation

ole32

CoUninitialize
PropVariantClear
CoReleaseMarshalData
CreateBindCtx
CoRegisterMessageFilter
OleFlushClipboard
OleSetClipboard
OleUninitialize
DoDragDrop
StringFromGUID2

advapi32

RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyExA
RegFlushKey
RevertToSelf
DeleteService
OpenThreadToken
QueryServiceStatus
SetSecurityDescriptorDacl
RegCreateKeyExW
EqualSid
CryptCreateHash
CryptDestroyHash
RegQueryValueExW

oleaut32

SetErrorInfo
VariantClear
SafeArrayCreate
SysFreeString
LoadTypeLib
SafeArrayGetUBound
SysAllocStringLen

version

VerFindFileW
GetFileVersionInfoW
VerInstallFileW
VerInstallFileA
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6854cfcef21522bb4b6dcb3aacd70f8

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

comctl32

user32

shell32

ole32

advapi32

oleaut32

version

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 17KB - Virtual size: 39KB

.rsrc Size: 94KB - Virtual size: 93KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 17KB - Virtual size: 39KB

.rsrc
Size: 94KB - Virtual size: 93KB