7713da8e1dec91606572f28e64f54e19_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7713da8e1dec91606572f28e64f54e19_JaffaCakes118
Size

137KB
MD5

7713da8e1dec91606572f28e64f54e19
SHA1

5da89d38fd88e76b5790780fe48b5c59479fe844
SHA256

4cb42be323783f3282803da5dea4b6397d90dca5756556746a47d6e0a2704401
SHA512

2268cee03c413e976594cf9ee4cb309b6cb5e84863c0b13e33bf77ee4c67f7e328ed1497b32ee462abe8a56db5295293eeb7bf2c37d7ea325e5ded009bba5646
SSDEEP

3072:74vaTYLcqQQ9zaaojW94wKSFhz50XrXoSyy6Dws33aBxS:74v/9eaoiC+hz5Oqy6Ma3aq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7713da8e1dec91606572f28e64f54e19_JaffaCakes118

Files

7713da8e1dec91606572f28e64f54e19_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1ff9b1979d255a747b835ff975750781

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

__getmainargs
isdigit
exit
_controlfp
log10
strtol
_adjust_fdiv
_initterm
__p__commode
__set_app_type
__p__fmode
_fdopen
_XcptFilter
__setusermatherr
strstr
_acmdln
_except_handler3

kernel32

GetFullPathNameA
GetStartupInfoA
GetCurrentProcess
GetUserDefaultLCID
GetModuleHandleA
DeleteFileA
VirtualProtect
WaitForMultipleObjects
GetModuleFileNameA
GetExitCodeProcess

shell32

ExtractIconA
DragFinish
DragQueryFileW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHBindToParent
ShellExecuteExW

user32

GetDCEx
UnregisterClassA
DrawIconEx
IsDialogMessageA
FillRect
RegisterWindowMessageA
UpdateWindow
SetCapture
ReleaseCapture
IsRectEmpty

advapi32

SetSecurityDescriptorOwner
RegDeleteKeyW
ControlService
RegFlushKey
RegEnumKeyExW
RegEnumValueW
SetSecurityDescriptorGroup
CryptReleaseContext
GetSecurityDescriptorDacl
RevertToSelf
GetTokenInformation
RegCreateKeyExW

version

GetFileVersionInfoW
VerInstallFileW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerFindFileW
VerInstallFileA
VerQueryValueA
VerQueryValueW
VerLanguageNameA
GetFileVersionInfoA

oleaut32

GetActiveObject
SafeArrayRedim
SysStringLen
SafeArrayGetUBound
SysAllocStringByteLen
SafeArrayPutElement
CreateErrorInfo
SysFreeString
VariantClear
LoadTypeLib
SysReAllocStringLen
SafeArrayCreate

comctl32

ImageList_Create
PropertySheetA
ImageList_Replace
ImageList_Draw
ImageList_SetImageCount
ImageList_GetImageInfo
ImageList_EndDrag
ImageList_Write

ole32

OleGetClipboard
OleIsCurrentClipboard
CoGetClassObject
OleInitialize
CoUninitialize
ProgIDFromCLSID
CreateStreamOnHGlobal
OleSetMenuDescriptor
CLSIDFromProgID

gdi32

SetRectRgn
PolylineTo
StrokeAndFillPath
GetBkColor
StrokePath
SetBkColor
ExtTextOutW
ExtTextOutA
SetWindowOrgEx

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ff9b1979d255a747b835ff975750781

Headers

File Characteristics

Imports

msvcrt

kernel32

shell32

user32

advapi32

version

oleaut32

comctl32

ole32

gdi32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 17KB - Virtual size: 42KB

.rsrc Size: 98KB - Virtual size: 98KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 17KB - Virtual size: 42KB

.rsrc
Size: 98KB - Virtual size: 98KB