317838f140459fa5099eada631b86381_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

317838f140459fa5099eada631b86381_JaffaCakes118
Size

143KB
MD5

317838f140459fa5099eada631b86381
SHA1

3f3779694afa7b3ae9e7bc3c178bc6f9101c85b4
SHA256

3b998dcaebd1db00c9167919863bcaa2b55064b96a30e1ed9a68098b19987536
SHA512

2d5612eca4261b71c203b511162d094dbcb260fd8ba63e4ad026d754699231f737561f7238aa2b2d652647b8a36cc1afcd8402e0949650ba5f1f66c91041a2e1
SSDEEP

3072:B3O2h7+2GHVd7QKsIREdlkhkMZk45F7a+LnQbOsA1ZVSI2vB1:Mzd7AkhkMeX+jFfrN4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
317838f140459fa5099eada631b86381_JaffaCakes118

Files

317838f140459fa5099eada631b86381_JaffaCakes118
.exe windows:5 windows x86 arch:x86

adb1c74f1bf55706c891eb6bdba1b2aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetConsoleOutputCP
OutputDebugStringA
GlobalReAlloc
GetStartupInfoA
VirtualProtect
UnhandledExceptionFilter
GetTimeZoneInformation
SetCurrentDirectoryA
GetLocaleInfoW

msvcrt

__p__fmode
_kbhit
_initterm
strpbrk
_acmdln
__setusermatherr
exit
_adjust_fdiv
_dup2
_XcptFilter
_strdup
_lseeki64
_except_handler3
_pctype
__set_app_type
__getmainargs
__p__commode
log
sqrt
wcstoul

user32

GetFocus
InvalidateRect
DrawMenuBar
DispatchMessageA
GetCursorPos

gdi32

GetEnhMetaFilePaletteEntries
CopyMetaFileA
StretchBlt
RestoreDC
Pie
GetDCOrgEx
CopyMetaFileW
OffsetViewportOrgEx
SetArcDirection

comctl32

ImageList_Draw
ImageList_BeginDrag
ImageList_GetBkColor
ImageList_DragShowNolock
ImageList_AddMasked

ole32

StgOpenStorageOnILockBytes
IsEqualGUID
CreateItemMoniker
ReleaseStgMedium
CoLoadLibrary
OleIsCurrentClipboard
CoInitialize
PropVariantClear
CLSIDFromProgID

shell32

SHChangeNotify
SHGetDiskFreeSpaceExW
DragQueryFileA
SHGetPathFromIDListA
SHCreateDirectoryExW
SHGetSettings

oleaut32

SetErrorInfo
GetActiveObject
VariantInit
VariantCopy

advapi32

CheckTokenMembership
RegDeleteValueA
FreeSid
CopySid
RegOpenKeyA
RevertToSelf
InitializeSecurityDescriptor
GetLengthSid
RegOpenKeyExA

version

VerQueryValueW
VerInstallFileW
GetFileVersionInfoSizeW
VerInstallFileA
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

adb1c74f1bf55706c891eb6bdba1b2aa

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

comctl32

ole32

shell32

oleaut32

advapi32

version

Sections

.text Size: 63KB - Virtual size: 63KB

.data Size: 49KB - Virtual size: 48KB

.rsrc Size: 29KB - Virtual size: 104KB

.text
Size: 63KB - Virtual size: 63KB

.data
Size: 49KB - Virtual size: 48KB

.rsrc
Size: 29KB - Virtual size: 104KB