31dde33678d20cbd95a8ec4a1f30d50b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

31dde33678d20cbd95a8ec4a1f30d50b_JaffaCakes118
Size

105KB
MD5

31dde33678d20cbd95a8ec4a1f30d50b
SHA1

08e8e81b63b696622b870ea681631f83505e1f39
SHA256

621c6f81321437a0c08fb451313f206a1990f690ed3d8b74635622cea67b2b49
SHA512

9ebfb64e88d450dcc09bfe70636fe9691c08ee077ccfb8936f967bcfa0b123f32e1c5dac2fa03d033abbb520ec30e15849aac226de2e7f67a682863b51143ea3
SSDEEP

3072:HLbNy+4z9D/dx74TzNDD9xRMIChflgF4dVW/h:H9y+m9/wTpDD9IDxlg2WJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31dde33678d20cbd95a8ec4a1f30d50b_JaffaCakes118

Files

31dde33678d20cbd95a8ec4a1f30d50b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2dd190112d8b40aa4c3fda3765cb94ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

PostQuitMessage
GetSysColor
SetWindowTextA
UnhookWindowsHookEx
SetWindowPos
GetMessageA
GetSysColorBrush
GetSubMenu
GetScrollPos
EqualRect
FrameRect
EnumWindows
EnableMenuItem

kernel32

VirtualAllocEx
GetTickCount
GetOEMCP
GetFileAttributesA
GetStartupInfoA
InterlockedExchange
GetTempPathA
RtlUnwind
QueryPerformanceCounter
GetThreadLocale
GetSystemTime
GetCurrentProcessId
GetTimeZoneInformation
ExitProcess
SetUnhandledExceptionFilter
FileTimeToSystemTime

gdi32

GetMapMode
DPtoLP
CopyEnhMetaFileA
ExcludeClipRect
FillRgn
CreateICW
SetViewportExtEx
CreateCompatibleBitmap
SelectClipPath

ole32

DoDragDrop
OleRun
CoCreateInstance
StringFromGUID2
CoRevokeClassObject
StgOpenStorage
CoTaskMemRealloc
CoInitialize
CoInitializeSecurity

advapi32

RegCreateKeyA
GetUserNameA
CheckTokenMembership
AdjustTokenPrivileges
RegQueryValueExW
RegCreateKeyExW
FreeSid
GetSecurityDescriptorDacl
QueryServiceStatus
CryptHashData

msvcrt

_mbscmp
puts
_lock
iswspace
_flsbuf
strlen
__getmainargs
_strdup
strcspn
_CIpow
strncpy
__initenv
fprintf
__setusermatherr
signal
fflush
raise
_fdopen

comctl32

InitCommonControls
ImageList_Write
ImageList_LoadImageA
CreatePropertySheetPageA
ImageList_GetIcon
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_LoadImageW
ImageList_GetBkColor
ImageList_SetIconSize
ImageList_DragEnter
ImageList_DrawEx
ImageList_Destroy

shell32

SHGetPathFromIDList
DragQueryFileA
SHBrowseForFolderA
DragAcceptFiles
CommandLineToArgvW
ShellExecuteEx
ShellExecuteW
ExtractIconExW
DragQueryFileW
DoEnvironmentSubstW
ExtractIconW

oleaut32

SafeArrayCreate
SafeArrayPtrOfIndex
SafeArrayUnaccessData
SafeArrayGetUBound
VariantCopy
SafeArrayPutElement
SafeArrayRedim
SysReAllocStringLen

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2dd190112d8b40aa4c3fda3765cb94ed

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ole32

advapi32

msvcrt

comctl32

shell32

oleaut32

Sections

.text Size: 33KB - Virtual size: 32KB

.data Size: 40KB - Virtual size: 39KB

.rsrc Size: 31KB - Virtual size: 34KB

.text
Size: 33KB - Virtual size: 32KB

.data
Size: 40KB - Virtual size: 39KB

.rsrc
Size: 31KB - Virtual size: 34KB