Static task
static1
Behavioral task
behavioral1
Sample
43c4d59c2077cca8ffd2eb1b87c81773_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
43c4d59c2077cca8ffd2eb1b87c81773_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
43c4d59c2077cca8ffd2eb1b87c81773_JaffaCakes118
Size
80KB
MD5
43c4d59c2077cca8ffd2eb1b87c81773
SHA1
86625b3c1848b6350a07c0063b822c679ac310cf
SHA256
6acaad4b8a073769df75645357c8d35d3bb7cea1cd9fa04d278ae2048437b3ce
SHA512
f7eba522a3671dddb39bb134f8f638d9e34e7709d2a303d3b9729e4422b8aa2e97b82d773ec63a7c37394cc61ec63361cf6138581166c2296c1d11b0828fcfac
SSDEEP
1536:F6dUT+SGwTe8ZTxU7qQeV5+sbUej/Dd4MB359+73/m9w1NaJfK:EGiLfadU7rsbUejiMF5Y73/mWNo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 43c4d59c2077cca8ffd2eb1b87c81773_JaffaCakes118
Files
43c4d59c2077cca8ffd2eb1b87c81773_JaffaCakes118.exe windows:5 windows x86 arch:x86
b640340a52524836e16ab88cbacd7cd7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
UnhookWindowsHookEx
EnableMenuItem
GetScrollPos
EqualRect
SetWindowTextA
SetWindowPos
GetSysColorBrush
GetSysColor
GetMessageA
EnumWindows
PostQuitMessage
GetSubMenu
FrameRect
kernel32
RtlUnwind
ExitProcess
GetACP
GetCurrentProcessId
GetOEMCP
GetFileAttributesA
GetTimeZoneInformation
VirtualAllocEx
GetTickCount
FileTimeToSystemTime
GetThreadLocale
GetStartupInfoA
GetSystemTime
InterlockedExchange
SetUnhandledExceptionFilter
GetTempPathA
gdi32
SetViewportExtEx
DPtoLP
SelectClipPath
FillRgn
CreateCompatibleBitmap
GetMapMode
CopyEnhMetaFileA
ExcludeClipRect
CreateICW
ole32
CoInitialize
CoRevokeClassObject
CoCreateInstance
StringFromGUID2
OleRun
CoTaskMemRealloc
CoInitializeSecurity
DoDragDrop
StgOpenStorage
advapi32
CryptHashData
RegQueryValueExW
FreeSid
AdjustTokenPrivileges
GetSecurityDescriptorDacl
CheckTokenMembership
RegCreateKeyA
QueryServiceStatus
RegCreateKeyExW
GetUserNameA
msvcrt
strcspn
fflush
signal
__setusermatherr
iswspace
_strdup
_fdopen
fprintf
__getmainargs
raise
strlen
_flsbuf
_mbscmp
__initenv
_CIpow
_lock
strncpy
puts
comctl32
ImageList_DragEnter
ImageList_SetIconSize
CreatePropertySheetPageA
ImageList_GetBkColor
ImageList_ReplaceIcon
ImageList_DrawEx
ImageList_LoadImageW
InitCommonControls
ImageList_Destroy
ImageList_Write
ImageList_LoadImageA
ImageList_GetIcon
ImageList_GetIconSize
shell32
DragQueryFileA
ShellExecuteW
SHGetPathFromIDList
SHBrowseForFolderA
DragQueryFileW
DragAcceptFiles
ExtractIconW
ExtractIconExW
ShellExecuteEx
DoEnvironmentSubstW
CommandLineToArgvW
oleaut32
SafeArrayPtrOfIndex
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayRedim
SafeArrayGetUBound
SysReAllocStringLen
SafeArrayCreate
VariantCopy
Sections
.text Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
eleozcb Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE