2697d8678c5ccd1b814ee087189b98d9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2697d8678c5ccd1b814ee087189b98d9_JaffaCakes118
Size

125KB
MD5

2697d8678c5ccd1b814ee087189b98d9
SHA1

b727ac72219be14899ff41480da0bb70f9b90ce3
SHA256

9b23d6462398dcd0aa03ef3352d709cea1249c63f013f1f0b7fd9f570e897152
SHA512

ff9b23bcd999db6f3d17586fde4a2a14b7cd7734dedc31e656e13aff0798de412e746bb75d32d7a37f28781de0619b64ccdc33c21973c9544e478b3aa6cb4444
SSDEEP

3072:k/YKbWOLRciR1YwoWyrTsu7LaNOAIvwRxhyRfjG5Sjkf7:GYwEIGaNRRxcRfa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2697d8678c5ccd1b814ee087189b98d9_JaffaCakes118

Files

2697d8678c5ccd1b814ee087189b98d9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f291e50ae0928b6583a69984b23fc38d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_adjust_fdiv
__set_app_type
_acmdln
_initterm
strchr
__p__commode
_XcptFilter
fputc
_except_handler3
log
_wcsupr
__getmainargs
__setusermatherr
__p__fmode
_controlfp
_snprintf
exit
_c_exit
isleadbyte
strncat

kernel32

GetEnvironmentStringsW
GetModuleHandleA
GetModuleHandleW
GetCurrentDirectoryA
GetStringTypeW
CreateProcessA
VirtualProtect
GetVersionExW
GetVersion
InterlockedDecrement
GetStartupInfoA
TerminateProcess

ole32

CoTaskMemFree
OleRun
ReleaseStgMedium
CLSIDFromProgID
StringFromGUID2
OleSetMenuDescriptor
CLSIDFromString
CoLoadLibrary
OleUninitialize
CoInitializeSecurity

user32

DrawFrameControl
GetMenuState
SetActiveWindow
SendMessageA
GetCapture
GetKeyState
UpdateWindow
DefWindowProcA
GetClientRect
GetCursorPos
GetForegroundWindow
RegisterWindowMessageA

comctl32

CreateStatusWindowA
ImageList_SetBkColor
ImageList_AddMasked
ImageList_Remove
InitCommonControlsEx
ImageList_EndDrag
ImageList_LoadImageW
ImageList_SetOverlayImage

shell32

SHCreateDirectoryExW
SHGetDesktopFolder
Shell_NotifyIconW
SHChangeNotify
SHBrowseForFolderA
SHGetFolderLocation
ExtractIconExW

gdi32

EndPage
GetViewportExtEx
RectVisible
ExtCreateRegion
ExcludeClipRect
SetWinMetaFileBits
SaveDC
SetMetaFileBitsEx
PatBlt

advapi32

RegQueryValueA
RegOpenKeyA
CheckTokenMembership
GetTokenInformation
CryptHashData
LookupPrivilegeValueW
CryptDestroyHash
OpenSCManagerW
OpenThreadToken

oleaut32

SafeArrayGetElement
SafeArrayPtrOfIndex
SetErrorInfo
GetErrorInfo
CreateErrorInfo
SysReAllocStringLen

version

GetFileVersionInfoSizeW
VerFindFileW
VerQueryValueW
VerQueryValueA
VerInstallFileW
VerLanguageNameA
VerInstallFileA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f291e50ae0928b6583a69984b23fc38d

Headers

File Characteristics

Imports

msvcrt

kernel32

ole32

user32

comctl32

shell32

gdi32

advapi32

oleaut32

version

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 17KB - Virtual size: 39KB

.rsrc Size: 89KB - Virtual size: 88KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 17KB - Virtual size: 39KB

.rsrc
Size: 89KB - Virtual size: 88KB