71581e12b802769bf9162b633327c1bb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

71581e12b802769bf9162b633327c1bb_JaffaCakes118
Size

132KB
MD5

71581e12b802769bf9162b633327c1bb
SHA1

820922523d2092afe5d9d912c9d395d3e426384b
SHA256

bea8eb17d6421fe67fd973009de10d0c0c8d4ea1c69db1b0834b0852f8595f4c
SHA512

a8ea1aa211562faa4eb549ded11883ab163cf7ce793ac03ae2e81b354873f02099204b5b971416df5aba6375a938658a09844642c93b1069f60b82d1f51fc0d1
SSDEEP

3072:9haJ4n0yjQtSZsOoAjBObVqDRR4X1f1+uTHaW:FmSZZ3A8uhT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71581e12b802769bf9162b633327c1bb_JaffaCakes118

Files

71581e12b802769bf9162b633327c1bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c898516bccb3d53018cdb0426353df47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoA
GetTickCount
GetTempPathW
GetDriveTypeA
GetCurrentProcess
GetModuleHandleA
VirtualProtect
GetCPInfo
IsBadReadPtr

msvcrt

_get_osfhandle
_XcptFilter
iswdigit
log10
_except_handler3
_initterm
getenv
_controlfp
_stat
__getmainargs
sscanf
__set_app_type
__p__fmode
_acmdln
_wcsupr
exit
_mbsicmp
atexit
__setusermatherr
_adjust_fdiv
_strcmpi
__p__commode
strcpy

ole32

ReleaseStgMedium
CreateBindCtx
StringFromGUID2
CoReleaseMarshalData
OleGetClipboard
IsAccelerator
CoTaskMemFree
CreateStreamOnHGlobal
CLSIDFromString
DoDragDrop
CLSIDFromProgID
OleFlushClipboard

comctl32

InitCommonControls
CreatePropertySheetPageA
ImageList_Destroy
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DrawEx
ImageList_AddMasked

advapi32

RegEnumKeyA
RegOpenKeyW
RegEnumKeyW
RegFlushKey
RegQueryInfoKeyA
RegCreateKeyExW
RevertToSelf
CryptReleaseContext
SetSecurityDescriptorDacl
RegOpenKeyExW
FreeSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup

version

VerLanguageNameA
VerQueryValueA
GetFileVersionInfoA
VerQueryValueW
VerInstallFileW
VerFindFileW
VerInstallFileA

shell32

ExtractIconExW
SHGetMalloc
SHGetFolderPathA
SHGetDesktopFolder
DragQueryFile
ExtractIconExA
SHBrowseForFolderA
SHAddToRecentDocs
CommandLineToArgvW

user32

SetTimer
BeginPaint
EnumWindows
GetMessageA
GetSysColor
RegisterWindowMessageA
GetClassInfoA
GetSystemMenu

gdi32

Polyline
SetWindowOrgEx
CreateRectRgnIndirect
GetTextAlign
GetTextFaceA
GetDeviceCaps
GetPixel
GetClipRgn
PtInRegion
GetNearestPaletteIndex

oleaut32

SysAllocStringLen
SafeArrayPutElement
SetErrorInfo
VariantInit

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c898516bccb3d53018cdb0426353df47

Headers

File Characteristics

Imports

kernel32

msvcrt

ole32

comctl32

advapi32

version

shell32

user32

gdi32

oleaut32

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 17KB - Virtual size: 39KB

.rsrc Size: 94KB - Virtual size: 168KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 17KB - Virtual size: 39KB

.rsrc
Size: 94KB - Virtual size: 168KB