Static task
static1
Behavioral task
behavioral1
Sample
5a21b6156e3035dd2abab337c468f763_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
5a21b6156e3035dd2abab337c468f763_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
5a21b6156e3035dd2abab337c468f763_JaffaCakes118
Size
80KB
MD5
5a21b6156e3035dd2abab337c468f763
SHA1
1b81b55bbe50833d7a4587e45a2a39d87be44832
SHA256
fcdc60e9b603464e00bf5ae0e469f6504b8f1ec1c225c489dcd89b3e72290447
SHA512
b299e1ae7ec97980542ff64f2db3d0c01f83e8e430ed0fbb7e7db8a091b4e6f10bcb4e08607c9db71b92060a526b10d4c7738ffe03fa5d14738a8ee7c1945438
SSDEEP
1536:IrZomvSE1ym/xBHzQYgA4LF6DD3nddOC0CNeHCv4QY8gv:wmNSv/rlmF6DjOvse4E
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5a21b6156e3035dd2abab337c468f763_JaffaCakes118
Files
5a21b6156e3035dd2abab337c468f763_JaffaCakes118.exe windows:5 windows x86 arch:x86
a64a2fd03f05a6ca0da749d20568aeea
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
GetSysColor
GetMessageA
GetScrollPos
GetSysColorBrush
GetSubMenu
EnumWindows
SetWindowPos
EnableMenuItem
FrameRect
PostQuitMessage
SetWindowTextA
UnhookWindowsHookEx
EqualRect
kernel32
GetTimeZoneInformation
SetUnhandledExceptionFilter
GetSystemTime
GetStartupInfoA
RtlUnwind
GetFileAttributesA
GetACP
GetTempPathA
FileTimeToSystemTime
InterlockedExchange
GetCurrentProcessId
VirtualAllocEx
GetThreadLocale
ExitProcess
gdi32
CreateCompatibleBitmap
CopyEnhMetaFileA
SelectClipPath
CreateICW
SetViewportExtEx
ExcludeClipRect
GetMapMode
FillRgn
DPtoLP
ole32
CoTaskMemRealloc
CoInitializeSecurity
StgOpenStorage
CoRevokeClassObject
CoInitialize
DoDragDrop
OleRun
StringFromGUID2
CoCreateInstance
advapi32
RegCreateKeyA
AdjustTokenPrivileges
FreeSid
GetUserNameA
CheckTokenMembership
GetSecurityDescriptorDacl
RegQueryValueExW
CryptHashData
RegCreateKeyExW
QueryServiceStatus
msvcrt
_flsbuf
_mbscmp
iswspace
raise
puts
_fdopen
__setusermatherr
fprintf
strncpy
signal
_CIpow
__getmainargs
_strdup
strlen
_lock
fflush
strcspn
__initenv
comctl32
ImageList_GetIcon
ImageList_GetBkColor
InitCommonControls
ImageList_Destroy
CreatePropertySheetPageA
ImageList_SetIconSize
ImageList_DragEnter
ImageList_Write
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_DrawEx
shell32
DoEnvironmentSubstW
SHGetPathFromIDList
ExtractIconExW
DragQueryFileA
DragAcceptFiles
ShellExecuteEx
DragQueryFileW
SHBrowseForFolderA
CommandLineToArgvW
ShellExecuteW
ExtractIconW
oleaut32
SafeArrayRedim
SafeArrayUnaccessData
SafeArrayPutElement
VariantCopy
SafeArrayGetUBound
SafeArrayPtrOfIndex
SysReAllocStringLen
SafeArrayCreate
Sections
.text Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ