Static task
static1
Behavioral task
behavioral1
Sample
2e151a18a8cd81d272af3969796fb922_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2e151a18a8cd81d272af3969796fb922_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target: 2e151a18a8cd81d272af3969796fb922_JaffaCakes118
Size: 85KB
MD5: 2e151a18a8cd81d272af3969796fb922
SHA1: 104f0ca61524fec301edfa438897f4c4f5535f51
SHA256: fa0fb8dc98103a84c9a5858b96be47b98dea0615d1d5f05ce0abcacb268f4f70
SHA512: 018e8e710dd382771bad02549e79041f13c0acfaafecde58bde303d5176df46e2e29bd0a642e96023f6ce109e9a9a5f1cc489f9f0f04c731173d2e54bca6d0d2
SSDEEP: 1536:NkservwsdioI7FKettTlWURYP4x1xB7qvo2hAgQ1ACVWWQYpbh7E:usmw5HFHvTIUq4xXBOPhu1ACV5v7
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2e151a18a8cd81d272af3969796fb922_JaffaCakes118
Files
2e151a18a8cd81d272af3969796fb922_JaffaCakes118.exe windows:4 windows x86 arch:x86
6e1c81120ea26be97b7db4c716c2a430
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
EnableMenuItem
UnhookWindowsHookEx
FrameRect
GetMessageA
GetSubMenu
GetSysColorBrush
PostQuitMessage
SetWindowTextA
GetSysColor
EnumWindows
GetScrollPos
EqualRect
SetWindowPos
kernel32
VirtualAllocEx
ExitProcess
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetTickCount
InterlockedExchange
GetThreadLocale
GetTempPathA
GetSystemTime
GetACP
GetOEMCP
FileTimeToSystemTime
RtlUnwind
GetCurrentProcessId
GetStartupInfoA
GetFileAttributesA
QueryPerformanceCounter
gdi32
DPtoLP
ExcludeClipRect
CopyEnhMetaFileA
SelectClipPath
CreateICW
CreateCompatibleBitmap
FillRgn
GetMapMode
SetViewportExtEx
ole32
CoRevokeClassObject
OleRun
DoDragDrop
CoCreateInstance
CoTaskMemRealloc
CoInitializeSecurity
StgOpenStorage
CoInitialize
StringFromGUID2
advapi32
RegCreateKeyExW
FreeSid
CryptHashData
RegCreateKeyA
AdjustTokenPrivileges
RegQueryValueExW
GetSecurityDescriptorDacl
QueryServiceStatus
CheckTokenMembership
GetUserNameA
msvcrt
_fdopen
__initenv
raise
iswspace
_lock
strncpy
_strdup
strlen
_CIpow
strcspn
__getmainargs
fprintf
fflush
_flsbuf
puts
__setusermatherr
_mbscmp
signal
comctl32
ImageList_GetBkColor
ImageList_GetIconSize
ImageList_DrawEx
ImageList_DragEnter
InitCommonControls
ImageList_Write
ImageList_LoadImageA
ImageList_ReplaceIcon
ImageList_SetIconSize
ImageList_GetIcon
ImageList_Destroy
CreatePropertySheetPageA
ImageList_LoadImageW
shell32
DragQueryFileW
ShellExecuteEx
SHBrowseForFolderA
ExtractIconExW
DoEnvironmentSubstW
DragQueryFileA
SHGetPathFromIDList
CommandLineToArgvW
ShellExecuteW
ExtractIconW
DragAcceptFiles
oleaut32
SafeArrayCreate
SafeArrayGetUBound
SafeArrayPtrOfIndex
VariantCopy
SysReAllocStringLen
SafeArrayPutElement
SafeArrayUnaccessData
SafeArrayRedim
Sections
.text Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE