865fdc81613aef795f98a0d0549a6a96_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

865fdc81613aef795f98a0d0549a6a96_JaffaCakes118
Size

141KB
MD5

865fdc81613aef795f98a0d0549a6a96
SHA1

3a7538ea1336bf5e49e6ccc33902fecefa0e73e0
SHA256

cf21f112d4dd4f40d6cf537c6b99b06cea2154a3b3d4133c7494cf7f4a1f82bf
SHA512

3e0e91a5f2c0b0d520c2b0297383cd6829323e1c36330eda1111963c59dcb6d9016da70c4211897e89c642a895ff2f929633e357343a5905143ce54dc4f19076
SSDEEP

3072:+wX31QtD7l6PiAtZXAKh+1hDSUA45Ev1EAAXHjie92mitMsj:t0DpkiiZXAMQhDtn61EAAXH6mit

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
865fdc81613aef795f98a0d0549a6a96_JaffaCakes118

Files

865fdc81613aef795f98a0d0549a6a96_JaffaCakes118
.exe windows:5 windows x86 arch:x86

17bd470e6ce621fc046ea8e3126090a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetEnvironmentVariableA
InterlockedDecrement
FlushFileBuffers
SetUnhandledExceptionFilter
GetModuleHandleA
GetVersion
LocalAlloc
SetFileAttributesW
ExpandEnvironmentStringsA
VirtualProtect
Sleep
GetStartupInfoA

msvcrt

swscanf
_controlfp
_acmdln
__set_app_type
vsprintf
putchar
_iob
wcscat
__getmainargs
printf
exit
floor
_XcptFilter
_initterm
_adjust_fdiv
__p__fmode
__setusermatherr
log
fwrite
_except_handler3
__p__commode
_wcslwr
iswspace
strspn

advapi32

RegOpenKeyExA
RegOpenKeyExW
RegSetValueExA
InitializeSecurityDescriptor
CryptGenRandom

oleaut32

SysFreeString
CreateErrorInfo
SysAllocStringByteLen
SafeArrayGetElement
SafeArrayCreate
SafeArrayPutElement
GetErrorInfo
SysStringByteLen
VariantCopy
VariantCopyInd

version

VerQueryValueW
GetFileVersionInfoW
VerInstallFileA
VerFindFileW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoA

shell32

ExtractIconExA
SHChangeNotify
SHGetDiskFreeSpaceExW
SHGetFolderPathW
SHGetFileInfoA
SHGetFolderPathA

comctl32

ImageList_DragLeave
ImageList_Create
ImageList_GetBkColor
CreatePropertySheetPageA
ImageList_SetBkColor
ImageList_DrawEx
ImageList_GetIconSize

ole32

DoDragDrop
GetRunningObjectTable
OleIsCurrentClipboard
CoGetInterfaceAndReleaseStream
IsAccelerator
CoInitializeEx
CoTaskMemRealloc
ReleaseStgMedium

gdi32

StartPage
RemoveFontResourceA
SetTextColor
Polygon
GetMapMode
GetPixel
GetSystemPaletteEntries
CreateRectRgnIndirect
CreateCompatibleDC
CreateBitmap
FillPath
CreateDIBSection
GetTextFaceA

user32

IsChild
DialogBoxParamA
CallNextHookEx
FrameRect
FillRect
GetWindowRect
OffsetRect
SetWindowTextA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17bd470e6ce621fc046ea8e3126090a0

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

oleaut32

version

shell32

comctl32

ole32

gdi32

user32

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 17KB - Virtual size: 42KB

.rsrc Size: 105KB - Virtual size: 105KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 17KB - Virtual size: 42KB

.rsrc
Size: 105KB - Virtual size: 105KB