Static task: static1
Behavioral task: behavioral1
Sample: 414915a566a45bf179169f0f1e5e357e_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 414915a566a45bf179169f0f1e5e357e_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 414915a566a45bf179169f0f1e5e357e_JaffaCakes118
Size: 136KB
MD5: 414915a566a45bf179169f0f1e5e357e
SHA1: 4bac5df756c36fb758f9592ad1fd7168398f5725
SHA256: d53f459383006a1a6be3e89b78b34c61ce898ed28a0fd9d210fa29cc06229ff6
SHA512: c428162c4b6c198e2549a71f3acd83cda612fb10751ff4c1e1ccf98683591c8f3f25e4a04484a8c944acc23d40fb6b3143c137278e79396bdd20ef2651da93e2
SSDEEP: 3072:h/FJJ5cs23KOHzy+0BjOTEvGKtn9fs11Ndy6fckAY+r:hXJ5cpuBjOTEvGKxKvJfckk
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 414915a566a45bf179169f0f1e5e357e_JaffaCakes118
Files
414915a566a45bf179169f0f1e5e357e_JaffaCakes118.exe windows:4 windows x86 arch:x86
90ce8e0a79946bd57e84eda1012104f3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
msvcrt
_mbscmp
puts
strtoul
_initterm
_adjust_fdiv
_XcptFilter
__p__commode
_strnicmp
_wcsnicmp
__set_app_type
exit
_controlfp
wcstoul
__getmainargs
fseek
fgetpos
__setusermatherr
__p__fmode
_acmdln
localtime
_except_handler3
log10
calloc
kernel32
IsBadReadPtr
GetStartupInfoA
GetACP
CompareStringW
VirtualProtect
IsDebuggerPresent
WritePrivateProfileStringA
GetModuleHandleA
GetLocaleInfoA
IsDBCSLeadByte
FileTimeToLocalFileTime
SetFileAttributesA
gdi32
SetTextAlign
RemoveFontResourceA
CreateFontA
IntersectClipRect
SelectObject
SetMetaFileBitsEx
GetEnhMetaFileHeader
GetBitmapBits
GetEnhMetaFilePaletteEntries
SelectClipRgn
CopyEnhMetaFileA
user32
SetPropA
GetMenuItemID
KillTimer
CallNextHookEx
IsIconic
IsWindowEnabled
GetWindowPlacement
InflateRect
IsChild
GetMenu
GetMessagePos
GetActiveWindow
EnumWindows
shell32
ShellExecuteExW
SHGetSpecialFolderLocation
DragQueryFileW
CommandLineToArgvW
SHGetFolderPathA
ShellExecuteA
DoEnvironmentSubstW
SHBrowseForFolderW
ShellExecuteExA
ExtractIconExA
SHGetFolderPathW
SHGetSettings
SHBrowseForFolder
comctl32
ImageList_GetIconSize
ImageList_GetIcon
ImageList_SetIconSize
ImageList_GetImageCount
ImageList_DragEnter
ImageList_Write
ImageList_DragShowNolock
ImageList_EndDrag
ole32
OleDraw
CoTaskMemAlloc
GetRunningObjectTable
IsEqualGUID
CoUninitialize
version
VerQueryValueW
VerInstallFileA
VerFindFileW
VerLanguageNameA
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoSizeW
oleaut32
VariantCopyInd
VariantInit
SafeArrayCreate
SysAllocStringLen
GetErrorInfo
SafeArrayPtrOfIndex
advapi32
InitializeAcl
SetSecurityDescriptorDacl
OpenThreadToken
AdjustTokenPrivileges
RegQueryInfoKeyW
LookupPrivilegeValueW
GetTokenInformation
Sections
.text Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 17KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 99KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE