463e12c07cffb3278a424fbaa9bf4038_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

463e12c07cffb3278a424fbaa9bf4038_JaffaCakes118
Size

106KB
MD5

463e12c07cffb3278a424fbaa9bf4038
SHA1

5aa4cf271a21dd28818a48b5219457485ef7596c
SHA256

35881314ce795eac4d1334d4980ba38b5659a98d0030bf13469e83389808afbf
SHA512

cc0c0192450b3d7223acfe50fb8af4c1bb638e13b5fa81f1ef74c16baa8325167696c0ee5471a43f6a327e6a3b4468e1d8fbeb3cc86aade341a76e368014d550
SSDEEP

3072:KgHDngD/HgLEcOqKePIpqyexu/sjTbFokCZ:jU8Ec7weXXbFoz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
463e12c07cffb3278a424fbaa9bf4038_JaffaCakes118

Files

463e12c07cffb3278a424fbaa9bf4038_JaffaCakes118
.exe windows:4 windows x86 arch:x86

63471132a7b87454ef1ec8c0782e1465

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

InterlockedDecrement
GetStartupInfoA
VirtualProtect
SystemTimeToFileTime
EnumCalendarInfoA
LocalFileTimeToFileTime
GetCommandLineW
GetEnvironmentStringsW
GlobalReAlloc
GetModuleHandleA
LCMapStringA
GetVersionExA

user32

DestroyIcon
GetDesktopWindow
GetSysColor
BeginPaint
IsWindowVisible
AdjustWindowRectEx
GetClassNameA

msvcrt

__getmainargs
_acmdln
_adjust_fdiv
_XcptFilter
sqrt
__setusermatherr
towlower
rand
exit
_initterm
_wtoi
putchar
__set_app_type
_unlock
__p__fmode
_except_handler3
_umask
localtime
__p__commode

comctl32

ImageList_SetOverlayImage
ImageList_EndDrag
ImageList_GetIconSize
ImageList_GetIcon
CreatePropertySheetPageW
ImageList_Read
ImageList_Write

ole32

StgCreateDocfileOnILockBytes
OleIsCurrentClipboard
PropVariantClear
CoRegisterClassObject
CoTaskMemAlloc
DoDragDrop
CoInitializeSecurity
CreateILockBytesOnHGlobal
CoGetInterfaceAndReleaseStream

advapi32

IsValidSid
RegEnumKeyA
RegSetValueExA
GetUserNameA
RegFlushKey
RegCloseKey
CloseServiceHandle
RegQueryInfoKeyW
AllocateAndInitializeSid
RegCreateKeyA
AddAccessAllowedAce

shell32

FindExecutableW
SHGetFileInfo
ShellExecuteExA
ShellExecuteA
SHGetFolderPathW
ExtractIconW
SHAppBarMessage
DragFinish
SHBrowseForFolderW
ShellExecuteExW

oleaut32

SafeArrayGetUBound
GetErrorInfo
SysStringLen
VariantClear
SysAllocStringLen
GetActiveObject
SafeArrayPtrOfIndex
SysAllocStringByteLen
SafeArrayGetElement
SysStringByteLen

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63471132a7b87454ef1ec8c0782e1465

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

comctl32

ole32

advapi32

shell32

oleaut32

Sections

.text Size: 76KB - Virtual size: 75KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 76KB - Virtual size: 75KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 25KB - Virtual size: 25KB