Static task: static1
Behavioral task: behavioral1
Sample: 8bd8a0c7e8c627e40e4724df502c8fb6_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 8bd8a0c7e8c627e40e4724df502c8fb6_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 8bd8a0c7e8c627e40e4724df502c8fb6_JaffaCakes118
Size: 81KB
MD5: 8bd8a0c7e8c627e40e4724df502c8fb6
SHA1: c0154df23601a45d12c783114a3185d326e43b70
SHA256: a0ef4922079d7b7a2d121378c649ab0964d6dda0a526b29239e24e8c7b7f69f5
SHA512: 580385c357aa981801c4456428e403d394de575ff3c30a6caf1825920eabfe50262bac8adcbb3bf413d6145c2112ed28c5c82c857837afcd2ca0e0e4f56466d4
SSDEEP: 1536:mqzYq7ymSe+9qd7Wffo8vwpAYwn7ZInuFQx8Xdgea9dG:Jz97yhrqd7Wo0wKYwitx8eea9E
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8bd8a0c7e8c627e40e4724df502c8fb6_JaffaCakes118
Files
8bd8a0c7e8c627e40e4724df502c8fb6_JaffaCakes118.exe windows:5 windows x86 arch:x86
0241058975c9c00ad49cfce789e66ed8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
GetSubMenu
SetWindowPos
PostQuitMessage
EnableMenuItem
GetMessageA
EnumWindows
GetScrollPos
UnhookWindowsHookEx
GetSysColorBrush
GetSysColor
SetWindowTextA
FrameRect
EqualRect
kernel32
GetACP
SetUnhandledExceptionFilter
FileTimeToSystemTime
GetThreadLocale
RtlUnwind
GetStartupInfoA
VirtualAllocEx
ExitProcess
GetTempPathA
GetOEMCP
GetTimeZoneInformation
GetSystemTime
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
GetFileAttributesA
InterlockedExchange
gdi32
SetViewportExtEx
CreateCompatibleBitmap
DPtoLP
FillRgn
ExcludeClipRect
SelectClipPath
GetMapMode
CreateICW
CopyEnhMetaFileA
ole32
CoCreateInstance
CoTaskMemRealloc
StgOpenStorage
CoInitializeSecurity
OleRun
CoInitialize
DoDragDrop
StringFromGUID2
CoRevokeClassObject
advapi32
GetSecurityDescriptorDacl
FreeSid
RegCreateKeyA
CryptHashData
QueryServiceStatus
CheckTokenMembership
AdjustTokenPrivileges
RegCreateKeyExW
RegQueryValueExW
GetUserNameA
msvcrt
fflush
_mbscmp
puts
__getmainargs
raise
_flsbuf
iswspace
strncpy
__setusermatherr
strlen
_CIpow
signal
__initenv
_fdopen
_lock
strcspn
fprintf
_strdup
comctl32
ImageList_LoadImageA
ImageList_DragEnter
ImageList_GetIcon
ImageList_LoadImageW
ImageList_Write
ImageList_GetIconSize
ImageList_Destroy
ImageList_ReplaceIcon
CreatePropertySheetPageA
ImageList_SetIconSize
ImageList_GetBkColor
ImageList_DrawEx
InitCommonControls
shell32
ExtractIconExW
ShellExecuteW
DoEnvironmentSubstW
DragQueryFileA
SHBrowseForFolderA
ShellExecuteEx
CommandLineToArgvW
DragQueryFileW
ExtractIconW
DragAcceptFiles
SHGetPathFromIDList
oleaut32
SafeArrayPtrOfIndex
SafeArrayUnaccessData
SafeArrayRedim
SafeArrayCreate
SafeArrayGetUBound
VariantCopy
SysReAllocStringLen
SafeArrayPutElement
Sections
.text Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE