8c3ccbb92547cd8227d8be65b83652e3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8c3ccbb92547cd8227d8be65b83652e3_JaffaCakes118
Size

80KB
MD5

8c3ccbb92547cd8227d8be65b83652e3
SHA1

e7d17a743c3943124b9b4d8414e3bf3c4108de86
SHA256

d6d1b2caf84d1bba7bd63dffbcf5334b03084bcee041b1685cbc03b51bdcb4b6
SHA512

c47224e62ba9b1439ae3e092caace4374883cef77ed8c163b9dfdca38c9f0422024c220390c8b9a617581dc218539813bcb6e7ef6d04565557e1b646caac6c05
SSDEEP

1536:hsZomvSE1ym/xBHzQYgA4LF6DD3nddOC0CNeHCv4QY8gc:SmNSv/rlmF6DjOvse4D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c3ccbb92547cd8227d8be65b83652e3_JaffaCakes118

Files

8c3ccbb92547cd8227d8be65b83652e3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a64a2fd03f05a6ca0da749d20568aeea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetSysColor
GetMessageA
GetScrollPos
GetSysColorBrush
GetSubMenu
EnumWindows
SetWindowPos
EnableMenuItem
FrameRect
PostQuitMessage
SetWindowTextA
UnhookWindowsHookEx
EqualRect

kernel32

GetTimeZoneInformation
SetUnhandledExceptionFilter
GetSystemTime
GetStartupInfoA
RtlUnwind
GetFileAttributesA
GetACP
GetTempPathA
FileTimeToSystemTime
InterlockedExchange
GetCurrentProcessId
VirtualAllocEx
GetThreadLocale
ExitProcess

gdi32

CreateCompatibleBitmap
CopyEnhMetaFileA
SelectClipPath
CreateICW
SetViewportExtEx
ExcludeClipRect
GetMapMode
FillRgn
DPtoLP

ole32

CoTaskMemRealloc
CoInitializeSecurity
StgOpenStorage
CoRevokeClassObject
CoInitialize
DoDragDrop
OleRun
StringFromGUID2
CoCreateInstance

advapi32

RegCreateKeyA
AdjustTokenPrivileges
FreeSid
GetUserNameA
CheckTokenMembership
GetSecurityDescriptorDacl
RegQueryValueExW
CryptHashData
RegCreateKeyExW
QueryServiceStatus

msvcrt

_flsbuf
_mbscmp
iswspace
raise
puts
_fdopen
__setusermatherr
fprintf
strncpy
signal
_CIpow
__getmainargs
_strdup
strlen
_lock
fflush
strcspn
__initenv

comctl32

ImageList_GetIcon
ImageList_GetBkColor
InitCommonControls
ImageList_Destroy
CreatePropertySheetPageA
ImageList_SetIconSize
ImageList_DragEnter
ImageList_Write
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_DrawEx

shell32

DoEnvironmentSubstW
SHGetPathFromIDList
ExtractIconExW
DragQueryFileA
DragAcceptFiles
ShellExecuteEx
DragQueryFileW
SHBrowseForFolderA
CommandLineToArgvW
ShellExecuteW
ExtractIconW

oleaut32

SafeArrayRedim
SafeArrayUnaccessData
SafeArrayPutElement
VariantCopy
SafeArrayGetUBound
SafeArrayPtrOfIndex
SysReAllocStringLen
SafeArrayCreate

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tiwkxkc
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a64a2fd03f05a6ca0da749d20568aeea

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ole32

advapi32

msvcrt

comctl32

shell32

oleaut32

Sections

.text Size: 32KB - Virtual size: 31KB

.data Size: 41KB - Virtual size: 41KB

.rsrc Size: 6KB - Virtual size: 34KB

tiwkxkc Size: - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 31KB

.data
Size: 41KB - Virtual size: 41KB

.rsrc
Size: 6KB - Virtual size: 34KB

tiwkxkc
Size: - Virtual size: 4KB