40d7f5fda330d0ffe43c1668eedd67ef_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40d7f5fda330d0ffe43c1668eedd67ef_JaffaCakes118
Size

99KB
MD5

40d7f5fda330d0ffe43c1668eedd67ef
SHA1

eed18930349f4da5b71420207b1e9fdb873d1a73
SHA256

4a83c1073f46da8f61587a1a77320f2856c98040f04a1418520c75785f752b0b
SHA512

3be5137f6a6be93c6823032bd39a47f283927252e883397db35983dd86a0ddce999863d3f3b1a9dad3f52bef51891b1b709742b3ce5d7f32fb61a66d8f35217c
SSDEEP

1536:Rire7bwK6cmdViXR0VT1MMwVtJiTBHGLwYDe5fhaHMXiQNpA0H01y+k/PKba:RyeAK6ccu6T1MMwb8doe5fhwIppaSPMa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40d7f5fda330d0ffe43c1668eedd67ef_JaffaCakes118

Files

40d7f5fda330d0ffe43c1668eedd67ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3d49946b34f645fd949c8c4ea459cd2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GlobalHandle
VirtualProtect
GetTempPathW
lstrcpyA
DisableThreadLibraryCalls
GetPrivateProfileStringA
ExpandEnvironmentStringsA
FreeEnvironmentStringsA
MoveFileA
GetStartupInfoA
FlushFileBuffers
GetModuleHandleA
FreeEnvironmentStringsW
IsDebuggerPresent
IsDBCSLeadByte

user32

SetForegroundWindow
PostMessageA
SetActiveWindow
KillTimer
InflateRect
CheckMenuItem
RedrawWindow
DestroyCursor
GetSysColor
RegisterWindowMessageA
GetForegroundWindow

msvcrt

floor
_strlwr
__getmainargs
_adjust_fdiv
fgets
sin
sqrt
ftell
__CxxFrameHandler
_osver
realloc
__setusermatherr
__p__commode
strerror
_initterm
_except_handler3
exit
_XcptFilter
_acmdln
__set_app_type
__p__fmode

advapi32

RegOpenKeyExA
DeleteService
RegQueryValueExW
CryptAcquireContextA
AddAccessAllowedAce
RegCreateKeyExW

shell32

Shell_NotifyIconW
SHGetMalloc
SHGetSpecialFolderPathA
Shell_NotifyIconA
SHChangeNotify

oleaut32

SysAllocStringByteLen
SysStringLen
SafeArrayUnaccessData
GetErrorInfo
SafeArrayPtrOfIndex
LoadTypeLib
SysReAllocStringLen

comctl32

ImageList_Create
ImageList_Replace
ImageList_Destroy
ImageList_LoadImageW
InitCommonControlsEx
ImageList_Read
InitCommonControls

ole32

RevokeDragDrop
StgOpenStorageOnILockBytes
CreateItemMoniker
ReleaseStgMedium
CreateStreamOnHGlobal
CoRegisterClassObject
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StringFromIID
IsEqualGUID
CoRevokeClassObject
CoGetMalloc
OleFlushClipboard
CoRegisterMessageFilter
CoCreateInstance

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d49946b34f645fd949c8c4ea459cd2b

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

shell32

oleaut32

comctl32

ole32

Sections

.text Size: 69KB - Virtual size: 68KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 69KB - Virtual size: 68KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 25KB - Virtual size: 25KB