398b6103d8d2d300b5bb77f484fa70d6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

398b6103d8d2d300b5bb77f484fa70d6_JaffaCakes118
Size

21KB
MD5

398b6103d8d2d300b5bb77f484fa70d6
SHA1

25b51b8a848b9017c11b431131cb4acfc802a590
SHA256

c324f2af70f2326ed8ece90a4cb8e2f34a05157ebd91140411c8b971d76e1025
SHA512

f797556c0aac4b0fa995e580f52d20ef9f8642a8d1d095073f4eee39be5f524640240366941bd00a4a952af099182d0cc6f890cbce9f07518ac8813b6739ed3b
SSDEEP

384:xhq7hBLBWpIfV+agi4IuFNHoCZK+vnFwZDHTG+qkkD3mTbcG:WBLBGwoaaFTvsDHTFqnTmUG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
398b6103d8d2d300b5bb77f484fa70d6_JaffaCakes118

Files

398b6103d8d2d300b5bb77f484fa70d6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac322db68b58926dd163f966cfd92d8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CLIPFORMAT_UserFree
BindMoniker
CoDisconnectObject
CoCreateObjectInContext
PropVariantChangeType
CLIPFORMAT_UserSize
CLIPFORMAT_UserUnmarshal
CLSIDFromOle1Class
CLSIDFromProgIDEx
CLSIDFromProgID
CLIPFORMAT_UserMarshal

kernel32

VirtualAlloc
MapViewOfFile
GetLastError
InitializeCriticalSection
FreeLibrary
WritePrivateProfileStringA
Sleep
WritePrivateProfileStructA
EnterCriticalSection
LocalFree
GetCurrentProcess
LeaveCriticalSection
InterlockedIncrement
DeleteCriticalSection
SetUnhandledExceptionFilter
WideCharToMultiByte
GetSystemTimeAsFileTime
GetTickCount
WriteProfileStringA
GetProcAddress
GetCurrentProcessId
WriteConsoleW
UnhandledExceptionFilter
ExitProcess
WriteProfileSectionA
LoadLibraryA
MultiByteToWideChar
GetCurrentThreadId
TerminateProcess
WritePrivateProfileSectionA
QueryPerformanceCounter
CloseHandle

comdlg32

GetFileTitleA
ChooseFontA
FindTextA
GetSaveFileNameA
LoadAlterBitmap
PageSetupDlgA
ChooseColorA
GetOpenFileNameA
PrintDlgA
CommDlgExtendedError

advapi32

RegConnectRegistryW
RegCreateKeyExW
RegQueryValueExW
AddAccessAllowedAce
RegDeleteKeyW
AccessCheckByTypeAndAuditAlarmA
RegSetValueExW
RegOpenKeyExW
RegOpenKeyExA
RegSetValueExA
AccessCheckByTypeResultListAndAuditAlarmByHandleW
RegQueryValueExA
RegCreateKeyExA
RegCloseKey

user32

UpdateWindow
ReleaseDC
MessageBoxA
GetSystemMetrics
BeginPaint
GetDlgItem
GetWindowRect
AnimateWindow
GetClientRect
EndDialog
GetDC
LoadStringW
EnableWindow
ArrangeIconicWindows
ShowWindow
TranslateMessage

Sections

.textbss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac322db68b58926dd163f966cfd92d8a

Headers

File Characteristics

Imports

ole32

kernel32

comdlg32

advapi32

user32

Sections

.textbss Size: - Virtual size: 12KB

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 15KB - Virtual size: 14KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.textbss
Size: - Virtual size: 12KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB