62a25ea9f3d81bb10d1d4c4cca5d7f2e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

62a25ea9f3d81bb10d1d4c4cca5d7f2e_JaffaCakes118
Size

143KB
MD5

62a25ea9f3d81bb10d1d4c4cca5d7f2e
SHA1

79eebbcae923b7e8e0e5c3ecfd7f51b1fb2444a5
SHA256

3500bb6818d5a7a740fbaecec237ad7fca46cd3b2f32d8a789d8badf67ff3845
SHA512

16f593b2b82ce0f0f3c66a88f221ec78bc609402d137383a001ad2800cf0ec8024478f80bab6f2b76ea84a0bb26e4ed39683137019331b89572a020e5df1e079
SSDEEP

3072:InfCHyt56VWZFPE9NV5tFvKMUmIwBayheG1PZcI9ojNQDJsh5pEQbYF:fq6PnhRr1BayheIucJshg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62a25ea9f3d81bb10d1d4c4cca5d7f2e_JaffaCakes118

Files

62a25ea9f3d81bb10d1d4c4cca5d7f2e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

988ead6889c6372897b1ec81cee7db64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

RemoveDirectoryA
lstrcmpiW
MulDiv
GetModuleHandleA
DuplicateHandle
lstrcpyA
GetTimeZoneInformation
GetStartupInfoA
VirtualProtect
TerminateProcess
LCMapStringW
IsValidCodePage
InterlockedExchange
WaitForSingleObject
IsDBCSLeadByte
CompareFileTime
GetLocalTime
LocalFree
SetCurrentDirectoryA

msvcrt

exit
_acmdln
__set_app_type
__p__commode
_initterm
_except_handler3
atol
towupper
_XcptFilter
__p__fmode
__getmainargs
log10
_controlfp
_adjust_fdiv
_wcsupr
__setusermatherr
_strcmpi
isdigit

ole32

ProgIDFromCLSID
IIDFromString
CoLoadLibrary
CLSIDFromString
OleSetMenuDescriptor
CoGetMalloc
OleInitialize
CreateItemMoniker
CoTaskMemFree

shell32

ExtractAssociatedIconW
SHGetPathFromIDListA
SHGetSpecialFolderLocation
Shell_NotifyIconA
CommandLineToArgvW
SHGetSpecialFolderPathW
SHBrowseForFolderA
DragAcceptFiles
ShellExecuteA
SHBindToParent

user32

ShowCursor
GetMessagePos
EnumThreadWindows
GetScrollRange
GetWindow
UpdateWindow
RegisterWindowMessageA
IsRectEmpty
OpenClipboard
GetForegroundWindow
ReleaseCapture

gdi32

ArcTo
CopyMetaFileA
FillPath
MaskBlt
LineTo
EnumFontFamiliesA
CreateMetaFileW
CopyMetaFileW
GetClipBox
CreateDIBPatternBrushPt
SetRectRgn
PlayMetaFile
SetWindowExtEx
UnrealizeObject

oleaut32

SafeArrayPutElement
SetErrorInfo
VariantClear
SafeArrayPtrOfIndex
SysAllocStringByteLen
LoadTypeLib

comctl32

ImageList_DrawEx
ImageList_Destroy
ImageList_SetIconSize
DestroyPropertySheetPage
CreateStatusWindowA

advapi32

GetSecurityDescriptorDacl
OpenThreadToken
LookupPrivilegeValueW
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
CryptAcquireContextA

version

GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerFindFileW
VerInstallFileW
VerLanguageNameA
VerQueryValueW
VerInstallFileA

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

988ead6889c6372897b1ec81cee7db64

Headers

File Characteristics

Imports

kernel32

msvcrt

ole32

shell32

user32

gdi32

oleaut32

comctl32

advapi32

version

Sections

.text Size: 18KB - Virtual size: 17KB

.data Size: 17KB - Virtual size: 39KB

.rsrc Size: 107KB - Virtual size: 106KB

.text
Size: 18KB - Virtual size: 17KB

.data
Size: 17KB - Virtual size: 39KB

.rsrc
Size: 107KB - Virtual size: 106KB