8c971bd07b6e1e3e5333fffe1fa1a5e9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8c971bd07b6e1e3e5333fffe1fa1a5e9_JaffaCakes118
Size

136KB
MD5

8c971bd07b6e1e3e5333fffe1fa1a5e9
SHA1

d8ebd4ee420122d36cb96b9f08834d052cdc5097
SHA256

86874d82cf7e0e2dd8316230187d67ab797a6528f1527907d799249103c82eaf
SHA512

a64dd9f201b030aa01ae7e46716a760b145c9e1c13b56ea7266eb9f9cc3f3b50081aa2d34a49841f8da268a5352fcbb86df801f55481ecd7fa2585c6ec609d4f
SSDEEP

3072:0mAlZpGzRt0/co2B4CZ0gGy1xkQ2TpqwdLM4QQ:/tiw5ZoyojqwdV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c971bd07b6e1e3e5333fffe1fa1a5e9_JaffaCakes118

Files

8c971bd07b6e1e3e5333fffe1fa1a5e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3557f35c4f269c96ce5d67d9738f1774

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteFileA
GlobalHandle
GetFileTime
VirtualProtect
GetStartupInfoA
InterlockedIncrement
GetWindowsDirectoryA
GetModuleHandleA
RtlUnwind
GetTempPathW

msvcrt

__setusermatherr
_adjust_fdiv
__set_app_type
__p__fmode
_except_handler3
_initterm
__p__commode
_getcwd
_controlfp
perror
_snprintf
log10
_acmdln
_itow
fprintf
_mbscmp
exit
__getmainargs
_XcptFilter

gdi32

GetSystemPaletteEntries
AddFontResourceA
StrokePath
SetBrushOrgEx
EndPage
CreatePatternBrush
GetMetaFileBitsEx
LineDDA
GetCurrentPositionEx
CreateEnhMetaFileA

oleaut32

SafeArrayRedim
SafeArrayPutElement
SafeArrayUnaccessData
SetErrorInfo
VariantClear
SafeArrayCreate
SysAllocStringLen
SysReAllocStringLen
VariantInit

comctl32

ImageList_LoadImageA
ImageList_DragEnter
ImageList_SetImageCount
ImageList_Read
CreateStatusWindowA
ImageList_GetBkColor
ImageList_Create
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_SetDragCursorImage
PropertySheetA

advapi32

IsValidSid
RegFlushKey
RegOpenKeyW
RegOpenKeyExA
RegCreateKeyExW
RegDeleteValueA
RegCreateKeyA
OpenSCManagerA
SetSecurityDescriptorGroup
FreeSid
RegEnumValueW
RegQueryInfoKeyW

version

GetFileVersionInfoA
VerQueryValueW
VerInstallFileW
GetFileVersionInfoSizeA
VerLanguageNameA
VerInstallFileA
VerQueryValueA
VerFindFileW

ole32

CoInitialize
OleRun
StringFromIID
CoCreateInstance
IsAccelerator
StgCreateDocfileOnILockBytes
CoGetInterfaceAndReleaseStream

shell32

FindExecutableW
SHGetSpecialFolderPathW
DragFinish
DragQueryFileW
DoEnvironmentSubstW
CommandLineToArgvW
ExtractIconW
ShellExecuteA
SHGetFolderPathW
SHGetSpecialFolderLocation
Shell_NotifyIconA

user32

GetSystemMenu
SetTimer
CheckMenuItem
AdjustWindowRectEx
PeekMessageA

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3557f35c4f269c96ce5d67d9738f1774

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

oleaut32

comctl32

advapi32

version

ole32

shell32

user32

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 18KB - Virtual size: 40KB

.rsrc Size: 99KB - Virtual size: 176KB

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 18KB - Virtual size: 40KB

.rsrc
Size: 99KB - Virtual size: 176KB