Static task: static1
Behavioral task: behavioral1
Sample: 365c46259ae7ab6f0d33d22d190fed1b_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 365c46259ae7ab6f0d33d22d190fed1b_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 365c46259ae7ab6f0d33d22d190fed1b_JaffaCakes118
Size: 81KB
MD5: 365c46259ae7ab6f0d33d22d190fed1b
SHA1: 22069eb9edffa420c650c6a449f0a4165d12edcf
SHA256: 03d6ba5b9c7b7ef95e9ad0846cc136c8dcd1d817bdad01f29bda16fc69b5bc1f
SHA512: d51fe89309f19b41dae88479cd19d9a46fe3670d07e90b9105a0f9216abff99d534c7c027f9e904e974ba10b8022cdda5daa5a319f488c8131511bd7bb2f6ac3
SSDEEP: 1536:5qzYq7ymSe+9qd7Wffo8vwpAYwn7ZInuFQx8Xdgea9dG:Iz97yhrqd7Wo0wKYwitx8eea9E
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 365c46259ae7ab6f0d33d22d190fed1b_JaffaCakes118
Files
365c46259ae7ab6f0d33d22d190fed1b_JaffaCakes118.exe windows:5 windows x86 arch:x86
0241058975c9c00ad49cfce789e66ed8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
GetSubMenu
SetWindowPos
PostQuitMessage
EnableMenuItem
GetMessageA
EnumWindows
GetScrollPos
UnhookWindowsHookEx
GetSysColorBrush
GetSysColor
SetWindowTextA
FrameRect
EqualRect
kernel32
GetACP
SetUnhandledExceptionFilter
FileTimeToSystemTime
GetThreadLocale
RtlUnwind
GetStartupInfoA
VirtualAllocEx
ExitProcess
GetTempPathA
GetOEMCP
GetTimeZoneInformation
GetSystemTime
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
GetFileAttributesA
InterlockedExchange
gdi32
SetViewportExtEx
CreateCompatibleBitmap
DPtoLP
FillRgn
ExcludeClipRect
SelectClipPath
GetMapMode
CreateICW
CopyEnhMetaFileA
ole32
CoCreateInstance
CoTaskMemRealloc
StgOpenStorage
CoInitializeSecurity
OleRun
CoInitialize
DoDragDrop
StringFromGUID2
CoRevokeClassObject
advapi32
GetSecurityDescriptorDacl
FreeSid
RegCreateKeyA
CryptHashData
QueryServiceStatus
CheckTokenMembership
AdjustTokenPrivileges
RegCreateKeyExW
RegQueryValueExW
GetUserNameA
msvcrt
fflush
_mbscmp
puts
__getmainargs
raise
_flsbuf
iswspace
strncpy
__setusermatherr
strlen
_CIpow
signal
__initenv
_fdopen
_lock
strcspn
fprintf
_strdup
comctl32
ImageList_LoadImageA
ImageList_DragEnter
ImageList_GetIcon
ImageList_LoadImageW
ImageList_Write
ImageList_GetIconSize
ImageList_Destroy
ImageList_ReplaceIcon
CreatePropertySheetPageA
ImageList_SetIconSize
ImageList_GetBkColor
ImageList_DrawEx
InitCommonControls
shell32
ExtractIconExW
ShellExecuteW
DoEnvironmentSubstW
DragQueryFileA
SHBrowseForFolderA
ShellExecuteEx
CommandLineToArgvW
DragQueryFileW
ExtractIconW
DragAcceptFiles
SHGetPathFromIDList
oleaut32
SafeArrayPtrOfIndex
SafeArrayUnaccessData
SafeArrayRedim
SafeArrayCreate
SafeArrayGetUBound
VariantCopy
SysReAllocStringLen
SafeArrayPutElement
Sections
.text Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE