680b7e1e8a8ff401eebbc427c65a515c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

680b7e1e8a8ff401eebbc427c65a515c_JaffaCakes118
Size

125KB
MD5

680b7e1e8a8ff401eebbc427c65a515c
SHA1

85de1458a70facff237b1955407f6f415a427081
SHA256

5dff82eeece67821f3c10f205e9f128b39b56da7cb908c6a35133fe0092be231
SHA512

c21f04c8b9fbeed312fa95de01f0036de3e48e994473e1c0bf834512bf37c22693b5c3af5da6d24ff3ee7f814e849c86c9ac4690ea832e6a66c8142ed48c33f6
SSDEEP

3072:x3d0QjnUI5Fp7yfb5nhqPBHuYJ2xAvxTYci9N8xut0p57Q0:8IJufV0PltfxTb6Kp5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
680b7e1e8a8ff401eebbc427c65a515c_JaffaCakes118

Files

680b7e1e8a8ff401eebbc427c65a515c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6028d75a6bde0e70fe11a98aeadd503d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

__p__commode
_except_handler3
_controlfp
__set_app_type
malloc
printf
_fstat
_initterm
_acmdln
__setusermatherr
exit
_open_osfhandle
fclose
log10
remove
_XcptFilter
__p__fmode
toupper
_setmode
__getmainargs
_adjust_fdiv

kernel32

WideCharToMultiByte
GetSystemTimeAsFileTime
GlobalUnlock
GetSystemTime
InterlockedIncrement
GetACP
VirtualProtect
DuplicateHandle
SetFileTime
SetFileAttributesW
GetStartupInfoA
UnhandledExceptionFilter
RaiseException
SetLastError
GetModuleHandleA

ole32

OleSetMenuDescriptor
IIDFromString
CreateBindCtx
CoGetInterfaceAndReleaseStream
StgOpenStorage
CLSIDFromString
CoTaskMemAlloc
CoReleaseMarshalData

oleaut32

SafeArrayPtrOfIndex
VariantClear
VariantCopy
SafeArrayRedim
SysStringLen
SysAllocStringByteLen
SysReAllocStringLen
SafeArrayGetElement
GetActiveObject
SafeArrayPutElement

advapi32

OpenProcessToken
RegQueryValueA
RegEnumValueA
LookupPrivilegeValueA
OpenThreadToken
CopySid
RegCreateKeyExA
RegEnumKeyA
EqualSid
RegEnumKeyExA
CheckTokenMembership
RegDeleteValueW
RegSetValueExA
RegQueryInfoKeyW
LookupPrivilegeValueW
RegOpenKeyW

comctl32

ImageList_Draw
ImageList_BeginDrag
ImageList_Add
CreateStatusWindowA
ImageList_GetBkColor

user32

GetWindowTextA
SetCapture
EmptyClipboard
SetFocus
SetScrollRange
DispatchMessageA
OffsetRect
RemoveMenu
SetWindowPlacement
OpenClipboard

gdi32

Escape
RoundRect
GetStretchBltMode
GetObjectType
CreateDCA
TextOutW
CreateFontIndirectW
Ellipse
GetClipRgn
EnumMetaFile
CreateMetaFileW

version

VerLanguageNameA
VerFindFileW
VerInstallFileW
GetFileVersionInfoSizeW
VerQueryValueA

shell32

SHGetMalloc
FindExecutableW
ExtractIconW
SHGetPathFromIDListW

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6028d75a6bde0e70fe11a98aeadd503d

Headers

File Characteristics

Imports

msvcrt

kernel32

ole32

oleaut32

advapi32

comctl32

user32

gdi32

version

shell32

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 17KB - Virtual size: 39KB

.rsrc Size: 88KB - Virtual size: 88KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 17KB - Virtual size: 39KB

.rsrc
Size: 88KB - Virtual size: 88KB