Static task
static1
Behavioral task
behavioral1
Sample
837669e2df3afb63a3e36e94bc149422_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
837669e2df3afb63a3e36e94bc149422_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
837669e2df3afb63a3e36e94bc149422_JaffaCakes118
Size
80KB
MD5
837669e2df3afb63a3e36e94bc149422
SHA1
b341b8c3145089b12c287f131691b720c108c5ca
SHA256
3884693e9aee769c4be799b1d95f0b6cc51713f91c2b5147ab20237f0deed97d
SHA512
af8fcf5f824f81423cad5032994d6454bd2189264fdd67bc83b1c04aa086052f5b454aa73c26617ea7feeb661ecfcb062f1161b79103d0b499585d3d0275bf9c
SSDEEP
1536:e9/b+BohUlUMorDT/TBsxa3A7gc/8mzEYOYIo1+orn7Qrq3A4ofR4J:e9/sock/TixJ1E1YI16n7XA4oA
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 837669e2df3afb63a3e36e94bc149422_JaffaCakes118
Files
837669e2df3afb63a3e36e94bc149422_JaffaCakes118.exe windows:4 windows x86 arch:x86
870abe5eb1ebc3ede5873650fc006762
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
GetMessageA
SetWindowPos
GetSubMenu
EnableMenuItem
GetSysColorBrush
EqualRect
UnhookWindowsHookEx
EnumWindows
PostQuitMessage
GetScrollPos
FrameRect
GetSysColor
SetWindowTextA
kernel32
ExitProcess
SetUnhandledExceptionFilter
GetThreadLocale
InterlockedExchange
VirtualAllocEx
GetFileAttributesA
GetStartupInfoA
GetTickCount
FileTimeToSystemTime
RtlUnwind
GetCurrentProcessId
GetOEMCP
GetSystemTime
GetTimeZoneInformation
GetTempPathA
gdi32
CreateCompatibleBitmap
SelectClipPath
ExcludeClipRect
DPtoLP
CreateICW
FillRgn
CopyEnhMetaFileA
SetViewportExtEx
GetMapMode
ole32
StringFromGUID2
CoRevokeClassObject
CoTaskMemRealloc
CoCreateInstance
CoInitializeSecurity
OleRun
StgOpenStorage
CoInitialize
DoDragDrop
advapi32
QueryServiceStatus
GetUserNameA
FreeSid
GetSecurityDescriptorDacl
RegCreateKeyExW
RegQueryValueExW
CheckTokenMembership
AdjustTokenPrivileges
RegCreateKeyA
CryptHashData
msvcrt
fprintf
_flsbuf
iswspace
strcspn
strncpy
raise
signal
__getmainargs
_strdup
_mbscmp
__setusermatherr
_fdopen
__initenv
fflush
_lock
strlen
_CIpow
puts
comctl32
ImageList_Destroy
ImageList_GetIcon
InitCommonControls
CreatePropertySheetPageA
ImageList_DrawEx
ImageList_DragEnter
ImageList_LoadImageW
ImageList_ReplaceIcon
ImageList_Write
ImageList_GetIconSize
ImageList_GetBkColor
ImageList_LoadImageA
ImageList_SetIconSize
shell32
DragQueryFileA
ExtractIconExW
ShellExecuteEx
SHBrowseForFolderA
CommandLineToArgvW
ExtractIconW
DoEnvironmentSubstW
ShellExecuteW
SHGetPathFromIDList
DragQueryFileW
DragAcceptFiles
oleaut32
SafeArrayGetUBound
SafeArrayPtrOfIndex
SysReAllocStringLen
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayPutElement
Sections
.text Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE