31c0c940879542f2ec7c935c8ba28b78_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

31c0c940879542f2ec7c935c8ba28b78_JaffaCakes118
Size

25KB
MD5

31c0c940879542f2ec7c935c8ba28b78
SHA1

9b128fa1af4903970a7631b7f55147a9940265e6
SHA256

a9c81823f1b89ec6f26cea8dbe490a5aafaa4c6cdcd99201a84a96278e6659bd
SHA512

f781ddcde874fd610bd22b486f3a50196119d035e1b6ec6db362485ff306c1070ae3f209184c402a0971e4f8f12209998308eaeef1ad9a46862e42e37343fbcd
SSDEEP

384:KFIh0n5/RMKjaGPkn9Ge3ExrH0JnhGRhhNdtxmR82sThYdAspSk4x2Ss:KCg4K1Pk9D0RYG3Jnm6pWdzn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31c0c940879542f2ec7c935c8ba28b78_JaffaCakes118

Files

31c0c940879542f2ec7c935c8ba28b78_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b47c733872400cd3e4dca21a08f19536

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA
CascadeWindows
GetClipboardFormatNameW
SetProcessWindowStation
DrawCaptionTempW
DrawFrameControl
GetUserObjectSecurity
GetNextDlgGroupItem
GetWindowPlacement
DdeUnaccessData
DlgDirSelectComboBoxExW
MapWindowPoints
LoadCursorW
IntersectRect
MoveWindow
DdePostAdvise
LoadImageA
SetClassLongW
ValidateRect
SetDlgItemTextW
DlgDirSelectComboBoxExA
DdeFreeDataHandle
RemoveMenu
AdjustWindowRectEx
SetProcessDefaultLayout
SetScrollPos
IsWindowEnabled
GetTitleBarInfo
DispatchMessageA
GetMenuStringW
WindowFromPoint
RemovePropW

advapi32

ClearEventLogA
RevertToSelf
MakeSelfRelativeSD
GetKernelObjectSecurity
GetNamedSecurityInfoA
ImpersonateLoggedOnUser
RegEnumKeyExW
ObjectDeleteAuditAlarmW
GetCurrentHwProfileW
CreateServiceW
DuplicateToken
EnumServicesStatusA

kernel32

LocalUnlock
VirtualFree
GetNumberOfConsoleMouseButtons
GetDiskFreeSpaceExA
GetStdHandle
lstrcmpiW
GetProfileStringA
BackupSeek
lstrcmpA
lstrcatA
HeapCompact
GetConsoleScreenBufferInfo
GetProcessHeap
GetTimeFormatA
SystemTimeToFileTime
FatalAppExitA
GlobalAddAtomW
FindClose
HeapReAlloc
CreateMutexA
lstrlenA
WaitCommEvent
lstrcmpW
SetFilePointer
GetLocalTime
lstrcmpiA
GetDriveTypeA
DebugBreak
TerminateProcess
UnlockFileEx
GetModuleHandleW
GetStartupInfoW
ExitProcess
GetComputerNameW
GetModuleHandleA
GetLastError
GetCommandLineW
LockFileEx
OpenFileMappingA
LCMapStringA
SetErrorMode
VirtualAllocEx

gdi32

GetOutlineTextMetricsW
WidenPath
ResetDCW
PaintRgn
SetSystemPaletteUse
GetObjectType
GetDCOrgEx
GetObjectA
CreateDIBSection
GdiFlush
LineTo
GetROP2
SetMapMode
CheckColorsInGamut
LPtoDP
GetMiterLimit
CreatePalette
SetLayout
GetTextCharset
CancelDC
GetTextMetricsA
GetLayout
GetTextExtentPointA
SetLayout
AbortPath
GetCurrentPositionEx

msvcrt

ungetc
__p__tzname
wcspbrk
putc
_mbctolower
perror
_wspawnl
_safe_fdiv
_wspawnlp
strchr
srand
_rotr
_ismbclegal
_wexecv
_adj_fdiv_m32i
_waccess
_mbsnextc
_adjust_fdiv
freopen
_filelength
_jn
_wchmod
_mbslen
wcstol
fgetws
_chgsign
getwchar
_hypot
_chsize
_tolower
strstr
tanh
asctime

ole32

CreateItemMoniker
CoGetCurrentProcess
HMETAFILEPICT_UserFree
HACCEL_UserMarshal
OleDoAutoConvert
OleInitialize
HBITMAP_UserUnmarshal
StringFromGUID2
OleBuildVersion

Sections

.text
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.khhbl
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.klhw
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.obhk
Size: 2KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b47c733872400cd3e4dca21a08f19536

Headers

File Characteristics

Imports

user32

advapi32

kernel32

gdi32

msvcrt

ole32

Sections

.text Size: 15KB - Virtual size: 16KB

.khhbl Size: 4KB - Virtual size: 10KB

.klhw Size: 2KB - Virtual size: 8KB

.obhk Size: 2KB - Virtual size: 22KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 16KB

.khhbl
Size: 4KB - Virtual size: 10KB

.klhw
Size: 2KB - Virtual size: 8KB

.obhk
Size: 2KB - Virtual size: 22KB

.reloc
Size: 1024B - Virtual size: 1KB