22bcdc94b4f2d8afa437e0f515ad36c8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

22bcdc94b4f2d8afa437e0f515ad36c8_JaffaCakes118
Size

89KB
MD5

22bcdc94b4f2d8afa437e0f515ad36c8
SHA1

58f40e0b1060a02bd5b05792a46977e35115d1ec
SHA256

63d98d219de9d43d31c1915523b11bff1d78b002f05a102fd4b551151f04cfb0
SHA512

c9f19df664642e8ad56974c567bef4a3a391ced7fd9fa38addd24a68c016554d0db72ae778c19e8b92da2c86a37c3ed854efd46d02196abd823c922a56d584ac
SSDEEP

1536:uFxBGOnkRLBasjADk8L6s7d3oZjsOxD4Aag08z7cUEMknKEtxk12YB/yVlV48G:uFJnkbljAD1BB3isOuAxpuPvtxu/yVlq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22bcdc94b4f2d8afa437e0f515ad36c8_JaffaCakes118

Files

22bcdc94b4f2d8afa437e0f515ad36c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a8e25d7131518af904edf2759b2b76d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SetWindowPos
GetScrollPos
EnumWindows
GetSubMenu
EnableMenuItem
FrameRect
GetSysColorBrush
EqualRect
UnhookWindowsHookEx
GetMessageA
GetSysColor
PostQuitMessage
SetWindowTextA

kernel32

GetOEMCP
GetThreadLocale
GetStartupInfoA
QueryPerformanceCounter
VirtualAllocEx
RtlUnwind
GetFileAttributesA
GetCurrentProcessId
GetACP
SetUnhandledExceptionFilter
ExitProcess
FileTimeToSystemTime
GetTempPathA
InterlockedExchange
GetTimeZoneInformation
GetTickCount

gdi32

FillRgn
GetMapMode
SetViewportExtEx
CreateCompatibleBitmap
SelectClipPath
DPtoLP
CopyEnhMetaFileA
CreateICW
ExcludeClipRect

ole32

CoInitializeSecurity
CoCreateInstance
StgOpenStorage
CoInitialize
DoDragDrop
CoTaskMemRealloc
CoRevokeClassObject
StringFromGUID2
OleRun

advapi32

AdjustTokenPrivileges
RegQueryValueExW
CheckTokenMembership
GetSecurityDescriptorDacl
CryptHashData
RegCreateKeyA
QueryServiceStatus
RegCreateKeyExW
GetUserNameA
FreeSid

msvcrt

puts
_strdup
strlen
raise
iswspace
fflush
strncpy
_lock
fprintf
__initenv
strcspn
_mbscmp
_fdopen
signal
_CIpow
_flsbuf
__getmainargs
__setusermatherr

comctl32

ImageList_LoadImageA
ImageList_SetIconSize
ImageList_Destroy
ImageList_GetBkColor
ImageList_DragEnter
ImageList_LoadImageW
ImageList_GetIconSize
CreatePropertySheetPageA
ImageList_Write
InitCommonControls
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_DrawEx

shell32

DragQueryFileW
ExtractIconW
SHBrowseForFolderA
DragQueryFileA
ShellExecuteEx
CommandLineToArgvW
DoEnvironmentSubstW
SHGetPathFromIDList
ExtractIconExW
ShellExecuteW
DragAcceptFiles

oleaut32

SysReAllocStringLen
VariantCopy
SafeArrayGetUBound
SafeArrayRedim
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayUnaccessData
SafeArrayCreate

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8e25d7131518af904edf2759b2b76d7

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ole32

advapi32

msvcrt

comctl32

shell32

oleaut32

Sections

.text Size: 39KB - Virtual size: 39KB

.data Size: 43KB - Virtual size: 42KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 39KB - Virtual size: 39KB

.data
Size: 43KB - Virtual size: 42KB

.rsrc
Size: 6KB - Virtual size: 5KB