Static task
static1
Behavioral task
behavioral1
Sample
325a484d31b2059472a66c6c8a935eea_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
325a484d31b2059472a66c6c8a935eea_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
325a484d31b2059472a66c6c8a935eea_JaffaCakes118
Size
80KB
MD5
325a484d31b2059472a66c6c8a935eea
SHA1
9f55b3955aee98e8c756fa615862cf33ee0ea4b9
SHA256
914d27507c08318e45c1cb88c55a745cae3f65f8f92e66eeab94b0573615d8ea
SHA512
dc74e35523263778504b2cd1b7b2b53f0e1767c000c2f1000570ace3a5e8f11af46ce38c8f2a9c9d21aaccec5af75d0ab412153883a60aa53a2cbfd5fd03300e
SSDEEP
1536:Kee35pevOdITCBi3TrnRPS+P4Ot6yEcUxBsQaxCQ5Q2UFZJ28l6mjWnCR:Sc2dXBkTrnRrHEcGGCYpzo6m3R
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 325a484d31b2059472a66c6c8a935eea_JaffaCakes118
Files
325a484d31b2059472a66c6c8a935eea_JaffaCakes118.exe windows:5 windows x86 arch:x86
abfd00d646f2350219a83615f9ad1eac
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
SetWindowTextA
GetMessageA
GetSubMenu
SetWindowPos
EnumWindows
UnhookWindowsHookEx
GetSysColorBrush
GetSysColor
EqualRect
GetScrollPos
PostQuitMessage
EnableMenuItem
FrameRect
kernel32
GetTimeZoneInformation
VirtualAllocEx
GetOEMCP
InterlockedExchange
GetTickCount
GetCurrentProcessId
ExitProcess
FileTimeToSystemTime
GetThreadLocale
GetStartupInfoA
GetSystemTime
GetFileAttributesA
GetTempPathA
RtlUnwind
SetUnhandledExceptionFilter
gdi32
ExcludeClipRect
CopyEnhMetaFileA
SetViewportExtEx
CreateICW
GetMapMode
DPtoLP
SelectClipPath
CreateCompatibleBitmap
FillRgn
ole32
CoTaskMemRealloc
OleRun
CoCreateInstance
StgOpenStorage
CoInitialize
DoDragDrop
StringFromGUID2
CoInitializeSecurity
CoRevokeClassObject
advapi32
RegCreateKeyA
GetUserNameA
CryptHashData
QueryServiceStatus
FreeSid
CheckTokenMembership
RegCreateKeyExW
GetSecurityDescriptorDacl
RegQueryValueExW
AdjustTokenPrivileges
msvcrt
fprintf
strncpy
_flsbuf
_mbscmp
fflush
signal
puts
strlen
strcspn
iswspace
__setusermatherr
__getmainargs
_CIpow
_lock
raise
_strdup
__initenv
_fdopen
comctl32
ImageList_DrawEx
ImageList_GetIconSize
ImageList_Destroy
CreatePropertySheetPageA
ImageList_SetIconSize
InitCommonControls
ImageList_GetBkColor
ImageList_LoadImageW
ImageList_DragEnter
ImageList_LoadImageA
ImageList_GetIcon
ImageList_Write
ImageList_ReplaceIcon
shell32
CommandLineToArgvW
SHBrowseForFolderA
ExtractIconExW
ShellExecuteW
DragQueryFileA
DragQueryFileW
ShellExecuteEx
DoEnvironmentSubstW
DragAcceptFiles
SHGetPathFromIDList
ExtractIconW
oleaut32
VariantCopy
SysReAllocStringLen
SafeArrayRedim
SafeArrayGetUBound
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayCreate
SafeArrayUnaccessData
Sections
.text Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ