32e036adb96f5a683bafb517fb67b3e7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

32e036adb96f5a683bafb517fb67b3e7_JaffaCakes118
Size

213KB
MD5

32e036adb96f5a683bafb517fb67b3e7
SHA1

f99c7fd817b9f921cc755777eeea414e667eda2b
SHA256

9a462458c43287a4c0e9129732a92552a9d5bd49220958779079f63307a020ac
SHA512

272016b55c4a1f51abed9adb3bd854dc0a335d62cfd6c37e1152947afa1cce3a2ef85ae686642518d384e073682cf76c0642ae58636960c8b79c9f24a6ddcaf4
SSDEEP

3072:g/QUbBJXIzS8zuFqDXMuD6pEQU2LNIiE7C/9SJGPq2kK/iiLqUPs:FuBJYbAqDcuD6OMNIiEK9SJm1KdV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32e036adb96f5a683bafb517fb67b3e7_JaffaCakes118

Files

32e036adb96f5a683bafb517fb67b3e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1b4020997f26445ad450ceb10e0f0f7d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AddAccessAllowedAce
CryptHashData
OpenSCManagerA
RegDeleteKeyW
RegQueryValueA

shell32

ExtractAssociatedIconW
SHBrowseForFolderA
SHBrowseForFolderW
SHGetFolderLocation
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW

user32

BeginPaint
CallNextHookEx
CheckMenuItem
CloseClipboard
CreatePopupMenu
DestroyCursor
DrawEdge
EmptyClipboard
EnableWindow
EnumThreadWindows
GetCapture
GetDC
GetDesktopWindow
GetDlgItem
GetFocus
GetKeyboardType
GetMenuStringA
GetWindowTextA
InsertMenuItemA
IsIconic
IsRectEmpty
IsZoomed
LoadCursorA
OffsetRect
OpenClipboard
SetForegroundWindow
ShowCursor
UnregisterClassA
wsprintfA

comctl32

DestroyPropertySheetPage
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_EndDrag
ImageList_GetDragImage
ImageList_GetIcon
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_SetOverlayImage
ImageList_Write
InitCommonControlsEx

gdi32

CopyEnhMetaFileA
CopyMetaFileA
CreateEnhMetaFileA
CreatePalette
DeleteMetaFile
ExtEscape
GetBitmapBits
GetCharWidthA
GetEnhMetaFileBits
GetNearestColor
GetTextAlign
GetTextExtentExPointW
GetViewportOrgEx
IntersectClipRect
LPtoDP
MoveToEx
OffsetClipRgn
PolyDraw
RectInRegion
ScaleViewportExtEx
SetColorAdjustment
SetMapMode
SetMapperFlags
UnrealizeObject

ole32

CLSIDFromProgID
CoCreateGuid
CoFreeUnusedLibraries
CoGetMalloc
CoLoadLibrary
CoRegisterClassObject
CoRevokeClassObject
CoSetProxyBlanket
CoTaskMemAlloc
CoUninitialize
CreateBindCtx
CreateItemMoniker
OleRun
ReleaseStgMedium
RevokeDragDrop
StgOpenStorage
StringFromCLSID
StringFromGUID2
StringFromIID

kernel32

CreateFileA
DisableThreadLibraryCalls
FindClose
FreeResource
GetDateFormatA
GetFileSize
GetFileType
GetLocaleInfoW
GetModuleHandleA
GetProcAddress
GlobalHandle
InterlockedExchange
IsBadReadPtr
IsDebuggerPresent
LoadResource
LocalAlloc
QueryPerformanceCounter
RemoveDirectoryA
SetThreadPriority
Sleep
SystemTimeToFileTime

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

prbiJohn
Size: 1KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1b4020997f26445ad450ceb10e0f0f7d

Headers

File Characteristics

Imports

advapi32

shell32

user32

comctl32

gdi32

ole32

kernel32

Sections

.text Size: 89KB - Virtual size: 89KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 18KB - Virtual size: 17KB

prbiJohn Size: 1KB - Virtual size: 120KB

.text
Size: 89KB - Virtual size: 89KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 18KB - Virtual size: 17KB

prbiJohn
Size: 1KB - Virtual size: 120KB