370ad98ca3c40f1ac129dc3e39a38ac7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

370ad98ca3c40f1ac129dc3e39a38ac7_JaffaCakes118
Size

137KB
MD5

370ad98ca3c40f1ac129dc3e39a38ac7
SHA1

3cfd2ffa8280bdabfbfa8a9ebe35bafa3e308a5d
SHA256

3a96163f72355e6d8dbf963e4e3a9fa2498f377f056a3ec35ebf795b332fb5b5
SHA512

c64bd43abae899e263c6d95bf524c2c666bb120184b263c8680494311e55f9bf05b41fd78893e279db5d71efbadd12a032040b28c62e238fc99d7d7806af0d98
SSDEEP

3072:XYiV+mckkwHuwPjqPxQ189HXrJuvIx7svtkLgZuwDVZRKzzm4HMD:I4h5uca97JWICkEpczzS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
370ad98ca3c40f1ac129dc3e39a38ac7_JaffaCakes118

Files

370ad98ca3c40f1ac129dc3e39a38ac7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa0840637b9829d585a850b9f49f48dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

__p__commode
_flsbuf
_except_handler3
_XcptFilter
_stat
_controlfp
_dup
_adjust_fdiv
__getmainargs
__set_app_type
exit
__setusermatherr
memcmp
_wcslwr
_beginthreadex
__initenv
_acmdln
_initterm
__p__fmode
log
strerror
iswdigit
strcmp
fread

kernel32

GetModuleHandleA
GetTickCount
OpenProcess
FileTimeToLocalFileTime
GlobalHandle
MultiByteToWideChar
VirtualProtect
GetFileAttributesW
GetCurrentDirectoryA
GetTempFileNameA
GetSystemDirectoryA
GetStartupInfoA

comctl32

ImageList_AddMasked
InitCommonControls
CreateToolbarEx
ImageList_GetImageInfo
ImageList_Read
ImageList_SetImageCount
ImageList_Add
ImageList_DragLeave
ImageList_GetIconSize

oleaut32

SysFreeString
VariantCopy
SafeArrayGetUBound
GetErrorInfo
VariantClear
LoadTypeLib
SafeArrayGetElement
GetActiveObject
SafeArrayPtrOfIndex

ole32

CreateItemMoniker
DoDragDrop
StringFromGUID2
OleRun
CreateILockBytesOnHGlobal
OleInitialize
CoCreateGuid
CoInitializeSecurity
CoReleaseMarshalData
IsEqualGUID

version

VerFindFileW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoA

advapi32

RegCreateKeyExW
CopySid
RegEnumKeyExW
GetLengthSid
RegSetValueExW
RegQueryValueA
RegEnumKeyExA
DeregisterEventSource
RegEnumKeyW

gdi32

CreateCompatibleBitmap
Escape
UnrealizeObject
CreateFontIndirectW
GetEnhMetaFileDescriptionA
SetEnhMetaFileBits
GetTextExtentExPointW
GetDIBColorTable
CreateDIBitmap
GetBkColor

user32

WaitMessage
CreateWindowExA
ShowWindow
GetSystemMenu
GetScrollInfo
ReleaseCapture
SetFocus
InflateRect

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
SHBrowseForFolderW
SHGetFolderPathA
SHGetSpecialFolderPathA
SHFileOperationW

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa0840637b9829d585a850b9f49f48dd

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

oleaut32

ole32

version

advapi32

gdi32

user32

shell32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 17KB - Virtual size: 39KB

.rsrc Size: 101KB - Virtual size: 101KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 17KB - Virtual size: 39KB

.rsrc
Size: 101KB - Virtual size: 101KB