Static task: static1
Behavioral task: behavioral1
  Sample: 6941c87a674cff13a9c9712695bcb27e_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 6941c87a674cff13a9c9712695bcb27e_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 6941c87a674cff13a9c9712695bcb27e_JaffaCakes118
Size: 111KB
MD5: 6941c87a674cff13a9c9712695bcb27e
SHA1: 77198315680d549117068bdcfd640e18933db8bf
SHA256: 96f05a68a93ace05d380e9d07f28c610a9925b575e566502065257a4c88c0368
SHA512: 956a098d2e90720c97f503642090ef7eda4d8479f9fbea19ce4add42aebc74310e6a6818c2698690b2b3dec57991b67cbfe56a5bde3704da1b1fe30f9c05e8a0
SSDEEP: 1536:zOo3Sa822EdqZVhKUDHTJ8gASz0sEACukrca3BDyhV8mKvruZ:Ko3+22EkQUDHTJ8WDgfchA
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6941c87a674cff13a9c9712695bcb27e_JaffaCakes118
Files
6941c87a674cff13a9c9712695bcb27e_JaffaCakes118.exe windows:5 windows x86 arch:x86
9bb7585215775678868951beb1a111f2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
GetSysColor
GetSubMenu
EqualRect
PostQuitMessage
GetScrollPos
SetWindowPos
GetMessageA
UnhookWindowsHookEx
EnumWindows
EnableMenuItem
SetWindowTextA
FrameRect
GetSysColorBrush
kernel32
GetTimeZoneInformation
GetACP
GetCurrentProcessId
InterlockedExchange
GetStartupInfoA
VirtualAllocEx
GetFileAttributesA
GetTempPathA
GetThreadLocale
SetUnhandledExceptionFilter
GetOEMCP
GetSystemTime
FileTimeToSystemTime
ExitProcess
RtlUnwind
gdi32
CopyEnhMetaFileA
GetMapMode
CreateCompatibleBitmap
FillRgn
ExcludeClipRect
CreateICW
DPtoLP
SelectClipPath
SetViewportExtEx
ole32
CoInitialize
OleRun
StgOpenStorage
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc
CoRevokeClassObject
DoDragDrop
CoInitializeSecurity
advapi32
FreeSid
CryptHashData
GetUserNameA
RegQueryValueExW
QueryServiceStatus
GetSecurityDescriptorDacl
RegCreateKeyExW
RegCreateKeyA
CheckTokenMembership
AdjustTokenPrivileges
msvcrt
__initenv
strcspn
_flsbuf
_CIpow
signal
strncpy
fprintf
iswspace
raise
fflush
strlen
puts
_fdopen
__getmainargs
_mbscmp
__setusermatherr
_strdup
_lock
comctl32
InitCommonControls
ImageList_SetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_DrawEx
ImageList_LoadImageA
ImageList_DragEnter
ImageList_LoadImageW
ImageList_GetBkColor
ImageList_Write
ImageList_Destroy
ImageList_GetIconSize
CreatePropertySheetPageA
shell32
ShellExecuteEx
ExtractIconW
ExtractIconExW
ShellExecuteW
SHGetPathFromIDList
DragQueryFileA
DragAcceptFiles
DragQueryFileW
CommandLineToArgvW
SHBrowseForFolderA
DoEnvironmentSubstW
oleaut32
SafeArrayPutElement
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayCreate
SafeArrayPtrOfIndex
VariantCopy
SafeArrayRedim
SysReAllocStringLen
Sections
.text Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 34KB - Virtual size: 62KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tappdce Size: 4KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
etfancs Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE