Static task
static1
Behavioral task
behavioral1
Sample
6119145cd603e3619e069c29be8d655d_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
6119145cd603e3619e069c29be8d655d_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
6119145cd603e3619e069c29be8d655d_JaffaCakes118
Size
84KB
MD5
6119145cd603e3619e069c29be8d655d
SHA1
52775c559cdd95ff8f7bfeaefe7d29bbfd9e1624
SHA256
1a0008ebd33aba384468b6f3c97b8ab7e841c360b95ab761ea3a91115ab4ce98
SHA512
16d6ee5b953dcd303bb6cda709d0bc07a97190dcbf5737a92852849c90167aaa9dc3e8ebb729e864f9f3d2330aeb596102dc7678c97473ea0f01ef3e5f58caeb
SSDEEP
1536:GxAzOAA31kw6lD70jhcTxtl3F68sQ1cT09Q9:GWzfA96109cFtl34RQ1/9Q
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6119145cd603e3619e069c29be8d655d_JaffaCakes118
Files
6119145cd603e3619e069c29be8d655d_JaffaCakes118.exe windows:4 windows x86 arch:x86
3c2d776c6e8aacee5e6a14245f129d50
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
SetWindowTextA
GetSysColorBrush
GetScrollPos
GetSubMenu
EqualRect
EnableMenuItem
PostQuitMessage
UnhookWindowsHookEx
SetWindowPos
FrameRect
GetMessageA
EnumWindows
GetSysColor
kernel32
GetTimeZoneInformation
GetFileAttributesA
FileTimeToSystemTime
GetTickCount
GetSystemTime
RtlUnwind
GetThreadLocale
GetACP
SetUnhandledExceptionFilter
VirtualAllocEx
GetTempPathA
GetOEMCP
QueryPerformanceCounter
InterlockedExchange
GetCurrentProcessId
GetStartupInfoA
ExitProcess
gdi32
FillRgn
CreateICW
CreateCompatibleBitmap
CopyEnhMetaFileA
SetViewportExtEx
GetMapMode
SelectClipPath
DPtoLP
ExcludeClipRect
ole32
StgOpenStorage
CoRevokeClassObject
CoCreateInstance
CoInitialize
DoDragDrop
CoInitializeSecurity
OleRun
StringFromGUID2
CoTaskMemRealloc
advapi32
RegCreateKeyA
CryptHashData
QueryServiceStatus
RegCreateKeyExW
RegQueryValueExW
GetSecurityDescriptorDacl
CheckTokenMembership
FreeSid
GetUserNameA
AdjustTokenPrivileges
msvcrt
strncpy
__getmainargs
strlen
_fdopen
_flsbuf
signal
fflush
_lock
iswspace
_mbscmp
puts
_strdup
__initenv
__setusermatherr
_CIpow
fprintf
strcspn
raise
comctl32
CreatePropertySheetPageA
ImageList_Destroy
ImageList_GetIcon
ImageList_GetBkColor
ImageList_DragEnter
ImageList_LoadImageW
ImageList_GetIconSize
ImageList_DrawEx
ImageList_SetIconSize
ImageList_Write
InitCommonControls
ImageList_LoadImageA
ImageList_ReplaceIcon
shell32
CommandLineToArgvW
SHGetPathFromIDList
DragQueryFileW
DoEnvironmentSubstW
ExtractIconExW
SHBrowseForFolderA
DragAcceptFiles
DragQueryFileA
ExtractIconW
ShellExecuteW
ShellExecuteEx
oleaut32
SafeArrayPtrOfIndex
SafeArrayRedim
SafeArrayUnaccessData
VariantCopy
SafeArrayPutElement
SafeArrayCreate
SafeArrayGetUBound
SysReAllocStringLen
Sections
.text Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ