3610962b50621e47f82473aef7a86035_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3610962b50621e47f82473aef7a86035_JaffaCakes118
Size

112KB
MD5

3610962b50621e47f82473aef7a86035
SHA1

512db829d0aecff9e06da541351e04e7786acee7
SHA256

ca50ad8032992ebee8f5d306b256b4f9637606b4712ca30acf56bc679d3e5406
SHA512

42c525a1e6920e034973ea6f7ec83d38a84ec1ce460b172da0f32d005cd4f7e515c41291e47b71e2adc1e4cc76e81063ac4547bae350c8fa7edd340a407a0c7e
SSDEEP

3072:Q2k8HQAgmQP4nyIBo7dXbyX1kgGVUXd/t:ngmMhbIkgGwd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3610962b50621e47f82473aef7a86035_JaffaCakes118

Files

3610962b50621e47f82473aef7a86035_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4214dfbf014b1f6e93a2e921b61cf92f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetFileAttributesA
GetStartupInfoA
VirtualProtect
GetModuleHandleA
FormatMessageA
GetSystemTimeAsFileTime
RtlUnwind
WaitForMultipleObjects

user32

LoadCursorA
UnregisterClassA
IsWindowVisible
SendMessageA
ScrollWindow
GetForegroundWindow
EndDialog

msvcrt

log10
__set_app_type
wcschr
_CIsqrt
fputs
_XcptFilter
rewind
__p__fmode
__p__commode
strcpy
_acmdln
exit
__getmainargs
_initterm
localeconv
_except_handler3
_isatty
_osver
_assert
strcspn
__setusermatherr
_adjust_fdiv
_wcsnicmp
printf

shell32

SHGetSpecialFolderPathA
SHChangeNotify
ShellExecuteExW
DragQueryFileW
Shell_NotifyIconW
DoEnvironmentSubstW
SHGetFileInfo
SHGetPathFromIDList

advapi32

RegCloseKey
InitializeAcl
RegQueryInfoKeyW
OpenSCManagerW
RegQueryInfoKeyA
SetSecurityDescriptorDacl
IsValidSid
CryptHashData
DeleteService
RegEnumKeyExW
RegOpenKeyA

version

VerQueryValueA
VerInstallFileW
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoA

comctl32

ImageList_DragEnter
CreateToolbarEx
ImageList_Create
ImageList_GetBkColor
ImageList_GetImageInfo
ImageList_AddMasked
DestroyPropertySheetPage
ImageList_ReplaceIcon
ImageList_GetIconSize

ole32

PropVariantClear
CoUninitialize
IIDFromString
CoGetInterfaceAndReleaseStream
CoDisconnectObject
CLSIDFromProgID
OleInitialize
CoLoadLibrary

oleaut32

SafeArrayPtrOfIndex
SysReAllocStringLen
SafeArrayPutElement
LoadTypeLib

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4214dfbf014b1f6e93a2e921b61cf92f

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

shell32

advapi32

version

comctl32

ole32

oleaut32

Sections

.text Size: 74KB - Virtual size: 74KB

.data Size: 15KB - Virtual size: 15KB

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 74KB - Virtual size: 74KB

.data
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 21KB - Virtual size: 20KB