Static task
static1
Behavioral task
behavioral1
Sample
4ce8ace8abb190f10efc0a4cb7b08125_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
4ce8ace8abb190f10efc0a4cb7b08125_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
4ce8ace8abb190f10efc0a4cb7b08125_JaffaCakes118
Size
131KB
MD5
4ce8ace8abb190f10efc0a4cb7b08125
SHA1
f0a43a835e10caac22b047298e069c94b80ba514
SHA256
9117e45cdbece5844c799c9bb95e20a5747cbdb19c9e382d1e845e7095af3d50
SHA512
b9026047da58dc8c41419f79b917488a75a2b230972c5d280032f23103af47a1c923cfa341d4c4a4d2e1876701dbb7c82f785a611231c7734a725b849590d3a3
SSDEEP
1536:athio1nh/SRlPSvTs7SduXFmjBtidSJVwmtcV1A17dVNCh8nN:8nh/2lPSvTsOduo9tlFt2M7dV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4ce8ace8abb190f10efc0a4cb7b08125_JaffaCakes118
Files
4ce8ace8abb190f10efc0a4cb7b08125_JaffaCakes118.exe windows:5 windows x86 arch:x86
abd1a2d98a3becaed92fd70d83f1615b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
GetMessageA
SetWindowPos
GetSysColorBrush
GetSubMenu
GetScrollPos
EqualRect
SetWindowTextA
EnableMenuItem
PostQuitMessage
UnhookWindowsHookEx
FrameRect
EnumWindows
GetSysColor
kernel32
GetStartupInfoA
FileTimeToSystemTime
GetSystemTime
SetUnhandledExceptionFilter
GetTempPathA
GetTickCount
RtlUnwind
GetCurrentProcessId
InterlockedExchange
VirtualAllocEx
ExitProcess
GetTimeZoneInformation
GetOEMCP
GetThreadLocale
GetFileAttributesA
gdi32
CopyEnhMetaFileA
ExcludeClipRect
DPtoLP
SetViewportExtEx
SelectClipPath
FillRgn
CreateICW
GetMapMode
CreateCompatibleBitmap
ole32
DoDragDrop
StgOpenStorage
OleRun
StringFromGUID2
CoInitialize
CoCreateInstance
CoRevokeClassObject
CoTaskMemRealloc
CoInitializeSecurity
advapi32
CheckTokenMembership
AdjustTokenPrivileges
RegQueryValueExW
GetUserNameA
FreeSid
QueryServiceStatus
GetSecurityDescriptorDacl
RegCreateKeyExW
CryptHashData
RegCreateKeyA
msvcrt
fprintf
puts
strncpy
__initenv
_mbscmp
_flsbuf
iswspace
fflush
signal
__getmainargs
_fdopen
_lock
raise
strlen
_strdup
strcspn
_CIpow
__setusermatherr
comctl32
ImageList_DrawEx
ImageList_Destroy
ImageList_LoadImageW
ImageList_ReplaceIcon
ImageList_Write
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_GetBkColor
ImageList_LoadImageA
ImageList_GetIcon
CreatePropertySheetPageA
ImageList_DragEnter
InitCommonControls
shell32
ExtractIconExW
ShellExecuteEx
DragAcceptFiles
SHBrowseForFolderA
ExtractIconW
DragQueryFileA
CommandLineToArgvW
DoEnvironmentSubstW
SHGetPathFromIDList
ShellExecuteW
DragQueryFileW
oleaut32
SafeArrayPtrOfIndex
SafeArrayRedim
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayCreate
VariantCopy
SafeArrayGetUBound
SysReAllocStringLen
Sections
.text Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 37KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 60KB - Virtual size: 62KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tcqobdc Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE