Static task
static1
Behavioral task
behavioral1
Sample
23fcb334971fff89924419693f3c143a_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
23fcb334971fff89924419693f3c143a_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
23fcb334971fff89924419693f3c143a_JaffaCakes118
-
Size
85KB
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 23fcb334971fff89924419693f3c143a_JaffaCakes118
Files
-
23fcb334971fff89924419693f3c143a_JaffaCakes118.exe windows:4 windows x86 arch:x86
6e1c81120ea26be97b7db4c716c2a430
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
EnableMenuItem
UnhookWindowsHookEx
FrameRect
GetMessageA
GetSubMenu
GetSysColorBrush
PostQuitMessage
SetWindowTextA
GetSysColor
EnumWindows
GetScrollPos
EqualRect
SetWindowPos
kernel32
VirtualAllocEx
ExitProcess
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetTickCount
InterlockedExchange
GetThreadLocale
GetTempPathA
GetSystemTime
GetACP
GetOEMCP
FileTimeToSystemTime
RtlUnwind
GetCurrentProcessId
GetStartupInfoA
GetFileAttributesA
QueryPerformanceCounter
gdi32
DPtoLP
ExcludeClipRect
CopyEnhMetaFileA
SelectClipPath
CreateICW
CreateCompatibleBitmap
FillRgn
GetMapMode
SetViewportExtEx
ole32
CoRevokeClassObject
OleRun
DoDragDrop
CoCreateInstance
CoTaskMemRealloc
CoInitializeSecurity
StgOpenStorage
CoInitialize
StringFromGUID2
advapi32
RegCreateKeyExW
FreeSid
CryptHashData
RegCreateKeyA
AdjustTokenPrivileges
RegQueryValueExW
GetSecurityDescriptorDacl
QueryServiceStatus
CheckTokenMembership
GetUserNameA
msvcrt
_fdopen
__initenv
raise
iswspace
_lock
strncpy
_strdup
strlen
_CIpow
strcspn
__getmainargs
fprintf
fflush
_flsbuf
puts
__setusermatherr
_mbscmp
signal
comctl32
ImageList_GetBkColor
ImageList_GetIconSize
ImageList_DrawEx
ImageList_DragEnter
InitCommonControls
ImageList_Write
ImageList_LoadImageA
ImageList_ReplaceIcon
ImageList_SetIconSize
ImageList_GetIcon
ImageList_Destroy
CreatePropertySheetPageA
ImageList_LoadImageW
shell32
DragQueryFileW
ShellExecuteEx
SHBrowseForFolderA
ExtractIconExW
DoEnvironmentSubstW
DragQueryFileA
SHGetPathFromIDList
CommandLineToArgvW
ShellExecuteW
ExtractIconW
DragAcceptFiles
oleaut32
SafeArrayCreate
SafeArrayGetUBound
SafeArrayPtrOfIndex
VariantCopy
SysReAllocStringLen
SafeArrayPutElement
SafeArrayUnaccessData
SafeArrayRedim
Sections
.text Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE