8ab535c1b7ff85069a8353f83a35b005_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8ab535c1b7ff85069a8353f83a35b005_JaffaCakes118
Size

130KB
MD5

8ab535c1b7ff85069a8353f83a35b005
SHA1

605736099cc57dbff7ce4c86e0098aeeee3ea1ee
SHA256

47ea3d93c966b0c3e56de3761577ec7faa73b81c353d45c2b0d0a3562a361533
SHA512

8264fdcbf119a3d9a0e8c9d13ec94367cf7cf9a964579f265e8414c9db27a73a831332f7ff98cf4baf0f402aac3833ea7414b47edfc6f9fc29db4165fda30f19
SSDEEP

3072:gc0WBGqwpGKEyeK1Z1GcUCaDQRrJfzAGgdRuv4V2:z0rQ81PN7NGlQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ab535c1b7ff85069a8353f83a35b005_JaffaCakes118

Files

8ab535c1b7ff85069a8353f83a35b005_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0f93401bbe5b3b1d68456804656926c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GlobalReAlloc
lstrcmpA
WriteConsoleA
GetModuleHandleA
GetStartupInfoA
GetLocaleInfoW
SetLastError
GetStringTypeW
VirtualProtect
LocalAlloc

msvcrt

exit
_initterm
toupper
_ultoa
_fdopen
_except_handler3
__getmainargs
_setjmp
log
_acmdln
__setusermatherr
__p__fmode
__p__commode
_strdup
_XcptFilter
_adjust_fdiv
_amsg_exit
__set_app_type

user32

BeginPaint
PostQuitMessage
SetWindowLongA
SendMessageA
CreateWindowExA
SystemParametersInfoA
UnhookWindowsHookEx
AdjustWindowRectEx
EnableMenuItem
ShowCursor
GetDC
SetWindowTextA
UpdateWindow

gdi32

SetTextJustification
GetViewportExtEx
SetRectRgn
GetObjectType
CreateFontIndirectW
CreateBitmap

version

GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerFindFileW
GetFileVersionInfoW
VerInstallFileA
VerInstallFileW

shell32

Shell_NotifyIconA
SHGetSettings
ShellExecuteEx
SHCreateDirectoryExW
ShellExecuteW
SHGetSpecialFolderPathA
DragQueryFileW
SHGetSpecialFolderLocation
SHAppBarMessage
ExtractIconExA

ole32

CoInitialize
CoGetMalloc
OleGetClipboard
CoSetProxyBlanket
CoCreateInstance
CoRegisterMessageFilter
OleSetMenuDescriptor
StgOpenStorage
OleIsCurrentClipboard
OleUninitialize

oleaut32

VariantCopy
SafeArrayRedim
SysAllocStringByteLen
VariantClear
SafeArrayGetElement
SafeArrayPutElement

advapi32

ControlService
RevertToSelf
CheckTokenMembership
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyW
GetUserNameA
RegFlushKey
EqualSid
RegEnumValueW
OpenThreadToken
DeregisterEventSource

comctl32

ImageList_GetImageInfo
CreatePropertySheetPageW
ImageList_DragShowNolock
ImageList_GetImageCount
ImageList_AddMasked
CreateStatusWindowA
ImageList_LoadImageA
ImageList_Draw
InitializeFlatSB
ImageList_GetBkColor
PropertySheetA
DestroyPropertySheetPage
ImageList_DrawEx

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0f93401bbe5b3b1d68456804656926c

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

version

shell32

ole32

oleaut32

advapi32

comctl32

Sections

.text Size: 55KB - Virtual size: 55KB

.data Size: 42KB - Virtual size: 42KB

.rsrc Size: 31KB - Virtual size: 31KB

.text
Size: 55KB - Virtual size: 55KB

.data
Size: 42KB - Virtual size: 42KB

.rsrc
Size: 31KB - Virtual size: 31KB