Static task: static1
Behavioral task: behavioral1
Sample: 6a5a552326242722c4c0790a340bc8fa_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 6a5a552326242722c4c0790a340bc8fa_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 6a5a552326242722c4c0790a340bc8fa_JaffaCakes118
Size: 76KB
MD5: 6a5a552326242722c4c0790a340bc8fa
SHA1: 4f7c090129cf944b5b3f5bce6e6bdbabdb6b1c92
SHA256: 655eac46cb64a40c295e6fdeb5f85fc7e89c2a46ced5e902f6eba995905875e1
SHA512: 7a850d1ffa5c3ff0d427796154caf0084bb5b746e1d92a81d439ef6d4a3fcdd0218f5b6b9407e43a2c807c3a3aa136e61718eff72ad6ad5742d270ec8c306103
SSDEEP: 1536:WpqvP5xo242XbwJw367bwu/M6Q6yBhPAKAV6GusGTd3fKW7:7x6V8K3jQ6yBZAKuXw3i
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6a5a552326242722c4c0790a340bc8fa_JaffaCakes118
Files
6a5a552326242722c4c0790a340bc8fa_JaffaCakes118.exe windows:5 windows x86 arch:x86
4df85dd4b7dcc3e32195886884cbee44
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
GetScrollPos
FrameRect
SetWindowTextA
PostQuitMessage
GetSubMenu
EnableMenuItem
UnhookWindowsHookEx
GetSysColor
EnumWindows
GetMessageA
EqualRect
SetWindowPos
GetSysColorBrush
kernel32
SetUnhandledExceptionFilter
RtlUnwind
GetFileAttributesA
GetTickCount
GetTempPathA
GetThreadLocale
VirtualAllocEx
InterlockedExchange
GetTimeZoneInformation
FileTimeToSystemTime
GetCurrentProcessId
ExitProcess
GetStartupInfoA
GetSystemTime
gdi32
CreateCompatibleBitmap
CreateICW
SetViewportExtEx
FillRgn
CopyEnhMetaFileA
DPtoLP
ExcludeClipRect
GetMapMode
SelectClipPath
ole32
StringFromGUID2
CoRevokeClassObject
CoInitialize
DoDragDrop
CoInitializeSecurity
CoCreateInstance
OleRun
StgOpenStorage
CoTaskMemRealloc
advapi32
GetSecurityDescriptorDacl
RegQueryValueExW
RegCreateKeyA
FreeSid
QueryServiceStatus
RegCreateKeyExW
GetUserNameA
CryptHashData
AdjustTokenPrivileges
CheckTokenMembership
msvcrt
_mbscmp
strlen
__initenv
_lock
fprintf
puts
signal
__getmainargs
strcspn
iswspace
_CIpow
_strdup
strncpy
__setusermatherr
fflush
_flsbuf
_fdopen
raise
comctl32
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Destroy
InitCommonControls
ImageList_SetIconSize
CreatePropertySheetPageA
ImageList_GetBkColor
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_Write
ImageList_GetIconSize
ImageList_DragEnter
shell32
DragAcceptFiles
SHGetPathFromIDList
ShellExecuteW
DoEnvironmentSubstW
CommandLineToArgvW
ExtractIconW
SHBrowseForFolderA
ShellExecuteEx
ExtractIconExW
DragQueryFileW
DragQueryFileA
oleaut32
VariantCopy
SafeArrayCreate
SafeArrayPtrOfIndex
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayRedim
SafeArrayGetUBound
SysReAllocStringLen
Sections
.text Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE