499e7b761fa14b2f539bdb6169914a5c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

499e7b761fa14b2f539bdb6169914a5c_JaffaCakes118
Size

187KB
MD5

499e7b761fa14b2f539bdb6169914a5c
SHA1

53e8f761d5056e13bf932fa591ea4ee210987d57
SHA256

5ded7ba2623ea73fd17a493530a319d1bdf2b225047a116dde2cecccb76a23e6
SHA512

740b4dac58e7c3de9edb5d2741b970ad48920a46b7ba67a99fd275daa5d7648e5612bc178009167b68c9244032c089dcc22a6e721f235667b3d63aeca6363484
SSDEEP

3072:usT6Xm568LxyZ5tqR4h4QtIot2k7196xZAxt0hpj:usQp8gZ5IRC/WotF76xZKt0h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
499e7b761fa14b2f539bdb6169914a5c_JaffaCakes118

Files

499e7b761fa14b2f539bdb6169914a5c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

872e9932d2ba259f84df2179bfe23f0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
CreateEventW
FlushFileBuffers
GetCurrentThreadId
GetEnvironmentStringsW
GetExitCodeThread
GetFileSize
GetModuleFileNameW
HeapAlloc
LoadLibraryA
SetEnvironmentVariableA
SetUnhandledExceptionFilter
Sleep
SystemTimeToFileTime

ole32

CLSIDFromString
CoCreateInstance
CoGetInterfaceAndReleaseStream
CoGetMalloc
CoRegisterClassObject
CoRegisterMessageFilter
CoTaskMemAlloc
CoTaskMemRealloc
CoUninitialize
CreateILockBytesOnHGlobal
DoDragDrop
IIDFromString
OleGetClipboard
OleInitialize
OleIsCurrentClipboard
OleSetClipboard
OleUninitialize
PropVariantClear
StgOpenStorageOnILockBytes
StringFromCLSID

advapi32

AddAccessAllowedAce
CheckTokenMembership
CryptCreateHash
CryptDestroyHash
GetSecurityDescriptorDacl
IsValidSid
QueryServiceStatus
RegCloseKey
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyA
RegFlushKey
RegOpenKeyW
SetSecurityDescriptorGroup

comctl32

DestroyPropertySheetPage
ImageList_Add
ImageList_DragShowNolock
ImageList_EndDrag
ImageList_GetBkColor
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_SetDragCursorImage
ImageList_Write

shell32

ExtractIconExA
SHFileOperationW
SHGetFileInfo
SHGetFileInfoW
SHGetFolderPathW
ShellExecuteEx
ShellExecuteExA

gdi32

CreatePenIndirect
GetCurrentPositionEx
GetEnhMetaFileHeader
GetNearestPaletteIndex
GetTextExtentPoint32A
GetTextExtentPointW
OffsetWindowOrgEx
Polyline
RoundRect
SetBkMode
SetROP2
SetWindowExtEx
SetWindowOrgEx
StartDocA
StartDocW
StartPage

user32

ClientToScreen
CreateMenu
CreatePopupMenu
DestroyMenu
DrawIcon
DrawMenuBar
GetClassInfoA
GetDlgItem
GetMessageA
GetSubMenu
GetWindowRect
GetWindowThreadProcessId
InsertMenuA
IsChild
LoadCursorA
OemToCharA
PeekMessageA
RegisterClipboardFormatA
ReleaseDC
RemovePropA
ScrollWindow
SetCapture
SetScrollInfo
SetWindowsHookExA
ShowWindow

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

e6J5GNPI
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

872e9932d2ba259f84df2179bfe23f0e

Headers

File Characteristics

Imports

kernel32

ole32

advapi32

comctl32

shell32

gdi32

user32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 86KB - Virtual size: 85KB

.rsrc Size: 18KB - Virtual size: 17KB

e6J5GNPI Size: 2KB - Virtual size: 120KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 86KB - Virtual size: 85KB

.rsrc
Size: 18KB - Virtual size: 17KB

e6J5GNPI
Size: 2KB - Virtual size: 120KB