889e8dd8d5dc437974aba766627b22bc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

889e8dd8d5dc437974aba766627b22bc_JaffaCakes118
Size

3.7MB
MD5

889e8dd8d5dc437974aba766627b22bc
SHA1

52b79415aa7ed1b9ae460a244ad77cc670c84f50
SHA256

8454ab121e6f08ee523ec1b4e50428d8ccca26e4c2bc72621c7ed1dcb11039d3
SHA512

b2c9767c9cdfbba2cf2a20f6e59d170c9c69fbfe0dc6e5f6dbdcffa15358045c7c98a8d362a72ba8dd7d85e49612195682fd4ddfe7bf5c772d2bd51677dd924f
SSDEEP

49152:lA1i7/yuu9xZJLH2EXNt4/UZqeB0s67i41qvMNV2gWH2M7BJZMxcZGPMLpqfypE5:lWj955XNtdxMeH2M7B4x2GWoqo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
889e8dd8d5dc437974aba766627b22bc_JaffaCakes118

Files

889e8dd8d5dc437974aba766627b22bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a141bab03d113c73601412ffaec36c92

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_ReplaceIcon
ImageList_LoadImageA
CreatePropertySheetPageA
ImageList_GetImageCount

ole32

CLSIDFromString
CoCreateInstanceEx
StgSetTimes
CoDisconnectObject

kernel32

GlobalAddAtomA
IsBadStringPtrA
GetSystemInfo
FormatMessageW
EnumResourceLanguagesW
ReadFile
DebugBreak
FindResourceExW
CreateWaitableTimerA
FlushConsoleInputBuffer
FindNextChangeNotification
GetThreadPriority
LeaveCriticalSection
CompareStringW
CloseHandle
UnhandledExceptionFilter
IsBadReadPtr
VirtualQuery
SetVolumeLabelA
GetCompressedFileSizeW
GlobalFlags
MultiByteToWideChar
SetSystemTime
GetProcessTimes
CreatePipe
GenerateConsoleCtrlEvent
VirtualAllocEx
EnumResourceNamesA
QueryDosDeviceA
EndUpdateResourceA
GetCommState
GetProfileStringA
OutputDebugStringW
Beep
LocalLock
SetConsoleCursorPosition
ExitProcess
GetUserDefaultLCID

advapi32

RegQueryInfoKeyA
ReportEventA
GetSecurityDescriptorLength
RegConnectRegistryW
LookupAccountNameW
LookupPrivilegeNameA
StartServiceW

user32

SetWindowPos
HideCaret
GetAsyncKeyState
PeekMessageA
LoadAcceleratorsA
GetCaretBlinkTime
AdjustWindowRect
EnumThreadWindows
ValidateRgn
CreatePopupMenu
GetKeyboardState
VkKeyScanA
SetCursorPos
CreateCursor
CharPrevW
GetWindowInfo
SubtractRect
InvertRect
DrawStateW

msvcrt

abort
_locking
_fstat
fopen
printf
_getdrive
_chdir

Sections

.text
Size: 6KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a141bab03d113c73601412ffaec36c92

Headers

File Characteristics

Imports

comctl32

ole32

kernel32

advapi32

user32

msvcrt

Sections

.text Size: 6KB - Virtual size: 224KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 3.4MB - Virtual size: 3.4MB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 6KB - Virtual size: 224KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 3.4MB - Virtual size: 3.4MB

.rsrc
Size: 19KB - Virtual size: 18KB