89eb02a87f252055660180c68191ad83_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

89eb02a87f252055660180c68191ad83_JaffaCakes118
Size

77KB
MD5

89eb02a87f252055660180c68191ad83
SHA1

f860c7d61ae45238155d39f02f70c4310244a2dc
SHA256

0c08bedddfa88694f35deb8c18d2d27967f757d311ccdd05bee89c27e3b3fe64
SHA512

726d6632f8c9e35440988859ce03a7b3f1e07697a41b4149777322619cc890986105cbcaa1dd907e5041e50e4184bcf0fe7158b59ce9b5c344a2ca4bd6420416
SSDEEP

1536:4BAi1ihrhNkiHxaLuDzDskkAEJ1OO6P8RS1ngjgIgzfU1SXVBpBIW5uB2Whf1gT:y2rhNkiHxSKs590O6P8Rg0gIgzsEVP6c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89eb02a87f252055660180c68191ad83_JaffaCakes118

Files

89eb02a87f252055660180c68191ad83_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0797508126e5a78c4b55a8b3156176a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetMessageA
FrameRect
GetScrollPos
PostQuitMessage
GetSubMenu
UnhookWindowsHookEx
SetWindowTextA
EnableMenuItem
EqualRect
EnumWindows
GetSysColorBrush
GetSysColor
SetWindowPos

kernel32

GetFileAttributesA
QueryPerformanceCounter
GetSystemTime
RtlUnwind
InterlockedExchange
SetUnhandledExceptionFilter
GetStartupInfoA
GetTempPathA
GetCurrentProcessId
GetThreadLocale
GetTickCount
GetACP
GetTimeZoneInformation
ExitProcess
FileTimeToSystemTime
GetOEMCP
VirtualAllocEx

gdi32

FillRgn
SelectClipPath
CreateCompatibleBitmap
SetViewportExtEx
DPtoLP
CopyEnhMetaFileA
GetMapMode
ExcludeClipRect
CreateICW

ole32

DoDragDrop
StgOpenStorage
OleRun
StringFromGUID2
CoRevokeClassObject
CoInitialize
CoCreateInstance
CoTaskMemRealloc
CoInitializeSecurity

advapi32

QueryServiceStatus
RegCreateKeyExW
FreeSid
CheckTokenMembership
RegQueryValueExW
GetUserNameA
AdjustTokenPrivileges
GetSecurityDescriptorDacl
CryptHashData
RegCreateKeyA

msvcrt

_mbscmp
_strdup
strlen
__setusermatherr
strncpy
_lock
raise
signal
__initenv
puts
_fdopen
_flsbuf
_CIpow
strcspn
fflush
fprintf
__getmainargs
iswspace

comctl32

ImageList_DrawEx
CreatePropertySheetPageA
ImageList_GetBkColor
ImageList_SetIconSize
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_DragEnter
ImageList_LoadImageA
ImageList_GetIcon
InitCommonControls
ImageList_Destroy
ImageList_Write
ImageList_LoadImageW

shell32

ShellExecuteW
SHGetPathFromIDList
DragQueryFileA
SHBrowseForFolderA
ExtractIconW
DragQueryFileW
ShellExecuteEx
CommandLineToArgvW
DragAcceptFiles
DoEnvironmentSubstW
ExtractIconExW

oleaut32

SafeArrayUnaccessData
SafeArrayPutElement
VariantCopy
SafeArrayPtrOfIndex
SafeArrayGetUBound
SysReAllocStringLen
SafeArrayCreate
SafeArrayRedim

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0797508126e5a78c4b55a8b3156176a8

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ole32

advapi32

msvcrt

comctl32

shell32

oleaut32

Sections

.text Size: 35KB - Virtual size: 34KB

.data Size: 41KB - Virtual size: 41KB

.rsrc Size: - Virtual size: 26KB

.text
Size: 35KB - Virtual size: 34KB

.data
Size: 41KB - Virtual size: 41KB

.rsrc
Size: - Virtual size: 26KB