Static task: static1
Behavioral task: behavioral1
Sample: 751f2a12ee517692b88eac029bce5623_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 751f2a12ee517692b88eac029bce5623_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 751f2a12ee517692b88eac029bce5623_JaffaCakes118
Size: 292KB
MD5: 751f2a12ee517692b88eac029bce5623
SHA1: 4c177cb14d53f5c384225c42d7c1b3bdb2f376c7
SHA256: 7730278cfbe4b95e0f8edf86bf4c665e2cf81b56845edc3b1bf8be19fb116324
SHA512: 6896c98703f62a69e449030ebefea82106b59d9d3026d79b133645c56c3070c14bf7d686a4abf664a147668d363200075199794627955c3cd05f7890981698fd
SSDEEP: 6144:MG42UwRdRXiV5cxnkttJSEGR0NPtqu2gztXO5ZnvDP7DmT:P42dXXOf6Rpu2gzt6VvXK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 751f2a12ee517692b88eac029bce5623_JaffaCakes118
Files
751f2a12ee517692b88eac029bce5623_JaffaCakes118.exe windows:4 windows x86 arch:x86
4b27b1e3b2d03ed866d33a9fdc74fc04
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentProcess
GetVersionExA
GetUserDefaultLangID
FindNextChangeNotification
GlobalAddAtomW
GetACP
SetMailslotInfo
SearchPathW
Beep
GetCommConfig
FindCloseChangeNotification
GetSystemTime
SuspendThread
GetCurrentDirectoryW
FormatMessageW
GetDriveTypeW
UnhandledExceptionFilter
GetStartupInfoA
MultiByteToWideChar
CreateProcessA
LocalSize
VirtualAlloc
LCMapStringA
EnumResourceNamesW
CreateDirectoryA
ReleaseSemaphore
GlobalFree
CreateIoCompletionPort
LoadResource
EnumDateFormatsW
ConnectNamedPipe
GetTempPathW
FindResourceExA
FindFirstFileA
lstrlenA
CreateMutexW
GetModuleHandleA
user32
SetMenuInfo
AdjustWindowRectEx
GetSubMenu
gdi32
EndPage
SetWorldTransform
ScaleWindowExtEx
SetBrushOrgEx
GetTextExtentPointA
GetPolyFillMode
SetBitmapDimensionEx
GetTextExtentPoint32W
PlayEnhMetaFile
CreateDCA
GetTextFaceW
RemoveFontResourceW
CreatePatternBrush
GetStretchBltMode
comdlg32
CommDlgExtendedError
GetFileTitleA
GetFileTitleW
ChooseFontA
advapi32
CryptDestroyKey
GetSecurityDescriptorLength
EnumServicesStatusA
RegCreateKeyW
RegisterServiceCtrlHandlerA
RegOpenKeyExA
UnlockServiceDatabase
RegQueryInfoKeyA
GetLengthSid
GetServiceKeyNameW
AccessCheckAndAuditAlarmW
ObjectCloseAuditAlarmA
RegQueryInfoKeyW
RegCreateKeyA
LookupPrivilegeValueA
GetPrivateObjectSecurity
DeleteService
RegNotifyChangeKeyValue
RegConnectRegistryA
shell32
SHGetSpecialFolderPathA
ExtractIconExW
SHBrowseForFolderA
FindExecutableW
ole32
OleInitialize
oleaut32
SafeArrayUnaccessData
SysStringLen
QueryPathOfRegTypeLi
SafeArrayGetElement
SetErrorInfo
SafeArrayCreate
VariantCopy
SafeArrayGetLBound
SysAllocStringLen
comctl32
ImageList_SetDragCursorImage
ImageList_LoadImageW
PropertySheetW
CreatePropertySheetPageW
shlwapi
SHQueryValueExW
SHRegGetBoolUSValueW
PathIsURLW
msvcrt
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_controlfp
_except_handler3
_acmdln
exit
_XcptFilter
_exit
__set_app_type
__p__fmode
Sections
.text Size: 236KB - Virtual size: 232KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE