5f46f3316ce4bf1e6d5b90f3722ffadb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5f46f3316ce4bf1e6d5b90f3722ffadb_JaffaCakes118
Size

1.1MB
MD5

5f46f3316ce4bf1e6d5b90f3722ffadb
SHA1

60797f6ef71a18ca719e3ef269c81beb6115526a
SHA256

271c1509e6e30ce2f2be70da7383d74b76101e59bb801e486082854b5f2d7f14
SHA512

854e832353630db4e71f371ee153c4e550bfd75010d1f23db8cfea67c5e5efc951387fd1752f59503d9e8634ac87b7b93f9e4727877016e72362fa77657f8788
SSDEEP

3072:H4jXjL5sLNqfUE+kvHTz96K6ScKcNEUzZELeUoPxwAnjaPM76DBQ+E0LEUo/N:H2nANqfR+2Tz96KncKukLvBll

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f46f3316ce4bf1e6d5b90f3722ffadb_JaffaCakes118

Files

5f46f3316ce4bf1e6d5b90f3722ffadb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ecb5a896b5a71bc8c420d346b9d2806

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualProtect
GetCurrentThread
lstrcmpA
GetCurrentProcess
GlobalAddAtomW

user32

CheckMenuRadioItem
CheckRadioButton
GetCursorInfo
GetCursorPos
CheckMenuItem
CheckDlgButton
LoadMenuW

shell32

StrRChrA
SHAddFromPropSheetExtArray
SHGetIconOverlayIndexA
Shell_NotifyIcon
SHFileOperationA
StrNCmpIA
SHGetFileInfoA
DAD_AutoScroll
DoEnvironmentSubstA

version

VerInstallFileA
GetFileVersionInfoSizeW
VerQueryValueA
VerFindFileA

winmm

midiOutGetNumDevs
midiInAddBuffer

comctl32

ImageList_Merge
ImageList_AddMasked
FlatSB_EnableScrollBar

gdiplus

GdipSetPenEndCap
GdipCreateMetafileFromEmf
GdipGetPenCompoundCount
GdipGetPenEndCap
GdipGetRegionBounds

comdlg32

Ssync_ANSI_UNICODE_Struct_For_WOW
PrintDlgW
LoadAlterBitmap
FindTextA

oledlg

OleUIPromptUserW
OleUIPromptUserA
OleUIPasteSpecialA

ole32

HPALETTE_UserSize
STGMEDIUM_UserUnmarshal
CoUninitialize
HWND_UserMarshal
StringFromIID
DllRegisterServer
HGLOBAL_UserUnmarshal
CoQueryAuthenticationServices

msimg32

AlphaBlend
vSetDdrawflag
DllInitialize
GradientFill
TransparentBlt

advapi32

I_ScSetServiceBitsA
LogonUserA
SaferSetPolicyInformation

oleacc

AccessibleChildren
GetStateTextW
AccessibleObjectFromWindow
IID_IAccessibleHandler

shlwapi

IsCharSpaceA
IntlStrEqWorkerW
wnsprintfA
PathRemoveBackslashA

Exports

Exports

GetSound

Sections

.text
Size: 158KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 69.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdatat
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qphl
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 576KB - Virtual size: 576KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ecb5a896b5a71bc8c420d346b9d2806

Headers

File Characteristics

Imports

kernel32

user32

shell32

version

winmm

comctl32

gdiplus

comdlg32

oledlg

ole32

msimg32

advapi32

oleacc

shlwapi

Exports

Exports

Sections

.text Size: 158KB - Virtual size: 160KB

.edata Size: 512B - Virtual size: 4KB

.data Size: 1KB - Virtual size: 4KB

.data Size: 19KB - Virtual size: 69.0MB

.rdatat Size: 2KB - Virtual size: 4KB

.rsrc Size: 71KB - Virtual size: 72KB

.qphl Size: 276KB - Virtual size: 276KB

Size: 4KB - Virtual size: 4KB

Size: 576KB - Virtual size: 576KB

.text
Size: 158KB - Virtual size: 160KB

.edata
Size: 512B - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 4KB

.data
Size: 19KB - Virtual size: 69.0MB

.rdatat
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 71KB - Virtual size: 72KB

.qphl
Size: 276KB - Virtual size: 276KB