87bc113c618862332c03e1d1d65b5888_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

87bc113c618862332c03e1d1d65b5888_JaffaCakes118
Size

1.6MB
MD5

87bc113c618862332c03e1d1d65b5888
SHA1

5d1e6700872b84db56e92b1d8c18b383ebb934f9
SHA256

2b8590a7f465a3d11b724b63e44982bdfade74a80b72dec9bad450635b236331
SHA512

0260a82b1e55192d2d600b1ec837db804fdb497e147068d164d5174b11267ae78b536daaa1b1653dc2ed40eae5bfb2e051622d6474e4fec8a45d122a0a9e2aff
SSDEEP

49152:ubyv9ZK7itFcHwxXabiJdqadG2VOaRXxZHD3:ubyO+IH02iJdh42VrRhZHT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87bc113c618862332c03e1d1d65b5888_JaffaCakes118

Files

87bc113c618862332c03e1d1d65b5888_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05e0cb3f711d88c6ce87dd573691eae4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

ExtSelectClipRgn
SaveDC
OffsetClipRgn
GetClipRgn
FillRgn
CopyMetaFileA
RestoreDC
AddFontResourceA
GetFontData
SetColorAdjustment

kernel32

FindFirstFileExW
GetLongPathNameA
SetConsoleMode
GetProcessHeap
LocalLock
VirtualQuery
_lread
ScrollConsoleScreenBufferA
GetConsoleCursorInfo
EnumDateFormatsW
GetOEMCP
CreateDirectoryA
GetTempFileNameA
GetCommConfig
WriteConsoleOutputCharacterA
FormatMessageW
CreatePipe
PeekConsoleInputW
WriteFile
GetSystemTime
CreateFileW
FileTimeToLocalFileTime
GlobalFree
WritePrivateProfileStringW
EnumTimeFormatsW
GlobalAddAtomW
IsValidLocale
FlushConsoleInputBuffer
CompareStringW
FindFirstFileW
RemoveDirectoryW
ReleaseSemaphore
DuplicateHandle
GetTimeZoneInformation
FillConsoleOutputCharacterA
VirtualAllocEx
GlobalAddAtomA
CreateDirectoryExA
CreateWaitableTimerA
FreeLibraryAndExitThread
SuspendThread
SetHandleCount
GetVolumeInformationW
ExpandEnvironmentStringsW
CloseHandle
ExitProcess
GetDiskFreeSpaceExA

version

GetFileVersionInfoSizeA

advapi32

LookupPrivilegeDisplayNameA
LookupAccountSidA
AbortSystemShutdownW
OpenSCManagerA
InitiateSystemShutdownA
RegQueryValueA
IsTextUnicode
DeleteService
RegOpenKeyW
RegEnumKeyA
QueryServiceStatus
EqualSid
MakeSelfRelativeSD
QueryServiceLockStatusW
CreateProcessAsUserA
GetLengthSid
GetSidIdentifierAuthority
GetExplicitEntriesFromAclW
RegRestoreKeyA
ObjectCloseAuditAlarmA

comctl32

ImageList_EndDrag

comdlg32

PageSetupDlgA
GetOpenFileNameW

user32

PostQuitMessage
CreateMDIWindowW
GetParent
GetWindowLongA
LoadKeyboardLayoutA
GetDlgItemInt
LoadStringA
ChangeMenuA

shell32

SHFileOperationA
SHGetSpecialFolderLocation
ExtractIconExW
SHAddToRecentDocs

msvcrt

strtok
_fullpath
ceil
getc
isupper
_fstat
isspace
_tell
fflush
_mbslen
fseek

Sections

.text
Size: 9KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05e0cb3f711d88c6ce87dd573691eae4

Headers

File Characteristics

Imports

gdi32

kernel32

version

advapi32

comctl32

comdlg32

user32

shell32

msvcrt

Sections

.text Size: 9KB - Virtual size: 226KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1.3MB - Virtual size: 1.3MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 9KB - Virtual size: 226KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1.3MB - Virtual size: 1.3MB

.rsrc
Size: 17KB - Virtual size: 16KB