Static task
static1
Behavioral task
behavioral1
Sample
64bfcd897cf916735cdfb7ebc001cb5e_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
64bfcd897cf916735cdfb7ebc001cb5e_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
64bfcd897cf916735cdfb7ebc001cb5e_JaffaCakes118
Size
148KB
MD5
64bfcd897cf916735cdfb7ebc001cb5e
SHA1
287d10d841dceb34149b2c2ab99e7ac0815606e6
SHA256
042cbcc3ca4fccaf32a700054550a71c5482bc42c3f7fe9f45843373b189ade2
SHA512
895c4d61da4d80fdd3c5cb2354e7590108099739a4bec26940cf0db085dc659384f8912e7cd683913e9959c0bbc074c9b29a7985b36daa0b0ab391e6a89f4abc
SSDEEP
3072:yznoTjQzgqaxq+sIUYAOGtSlm8I0/PPGQwjSPwk9JKjC:ycIvK5Zvafk9JoC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 64bfcd897cf916735cdfb7ebc001cb5e_JaffaCakes118
Files
64bfcd897cf916735cdfb7ebc001cb5e_JaffaCakes118.exe windows:5 windows x86 arch:x86
f60c73968423797cd1df093e5c7bb127
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GlobalAlloc
IsBadReadPtr
GetLocaleInfoA
VirtualProtect
lstrcpynA
GetStartupInfoA
ExpandEnvironmentStringsA
GetModuleHandleA
CompareStringA
lstrcmpiW
CreateProcessW
GetStringTypeA
user32
InsertMenuItemA
GetSysColor
IsRectEmpty
DefWindowProcA
IsWindowVisible
GetClassInfoA
SetForegroundWindow
DestroyCursor
SetWindowLongA
msvcrt
log10
__setusermatherr
__p__fmode
_setjmp3
fopen
_adjust_fdiv
_XcptFilter
wctomb
strncmp
__set_app_type
__p__commode
exit
_acmdln
_itow
_setmode
rand
__getmainargs
_beginthreadex
_except_handler3
_mkdir
_initterm
strtol
advapi32
CopySid
RegEnumKeyExA
CryptCreateHash
RegCloseKey
EqualSid
IsValidSid
RegOpenKeyExA
LookupPrivilegeValueW
comctl32
ImageList_ReplaceIcon
ImageList_SetImageCount
ImageList_Replace
ImageList_BeginDrag
DestroyPropertySheetPage
ImageList_GetIcon
ImageList_Create
shell32
ShellExecuteEx
SHGetPathFromIDList
SHCreateDirectoryExA
SHGetFolderPathW
DragFinish
Shell_NotifyIconW
SHGetFolderLocation
SHGetSpecialFolderPathW
SHGetMalloc
ExtractIconExW
ShellExecuteA
ole32
StringFromIID
PropVariantClear
OleSetClipboard
OleRun
CoDisconnectObject
OleInitialize
CLSIDFromString
DoDragDrop
CoGetClassObject
StringFromGUID2
oleaut32
VariantInit
SetErrorInfo
GetActiveObject
SafeArrayGetUBound
SysFreeString
SysStringLen
SafeArrayUnaccessData
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 136KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE