8d77348a1ff822ff00840eed1c747268_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8d77348a1ff822ff00840eed1c747268_JaffaCakes118
Size

145KB
MD5

8d77348a1ff822ff00840eed1c747268
SHA1

c98171ce40aa14ea729e81ab6f4a06bc31c6b617
SHA256

084d814a439c7f862101aaa29a26c5eab33c96701f5c46d34df926b2bbd00a17
SHA512

73a1a5444a2424d0810fb782f4864e2b523925ae0821bea22979ba1c166b2e98fc83800928bc49477fa9707620b6b1766da603c4b5c117a427731a8b73a54172
SSDEEP

3072:Ec31wWZ5f20ktfKAAtNPtTYmrO5ubeaiCcjF7HwFJU:NlNZstD+yasHw0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d77348a1ff822ff00840eed1c747268_JaffaCakes118

Files

8d77348a1ff822ff00840eed1c747268_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0972694f3316a4a3581e8b3887e93356

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoA
GetACP
WaitForMultipleObjects
IsDBCSLeadByte
MultiByteToWideChar
FlushFileBuffers
GetCommandLineW
GetDriveTypeA
GetModuleHandleA
SetFileTime
CreateProcessW
GetEnvironmentStrings
VirtualProtect

msvcrt

_initterm
_XcptFilter
_cexit
_vsnprintf
_except_handler3
exit
_umask
__setusermatherr
__getmainargs
__p__commode
gmtime
wcscat
__set_app_type
_acmdln
__p__fmode
_adjust_fdiv
_read
log

user32

GetLastActivePopup
ScreenToClient
DeleteMenu
RegisterWindowMessageA
GetCursorPos
SetWindowPos
ReleaseCapture
EndPaint
EnumThreadWindows
GetMessageA
SetScrollRange
MessageBoxA
SetClassLongA
GetKeyboardType

oleaut32

LoadTypeLib
VariantInit
SetErrorInfo
SafeArrayGetElement
VariantClear
VariantCopy
SysFreeString
SafeArrayRedim
CreateErrorInfo

ole32

CoUninitialize
CoDisconnectObject
OleDraw
CoFreeUnusedLibraries
OleSetMenuDescriptor
StringFromGUID2
CoTaskMemRealloc
CoTaskMemAlloc

version

GetFileVersionInfoSizeW
VerInstallFileW
VerInstallFileA
VerFindFileW

gdi32

SetAbortProc
GetStretchBltMode
ScaleWindowExtEx
EnumFontFamiliesExA
SaveDC
GetWindowExtEx
GetSystemPaletteEntries

advapi32

RegCreateKeyExW
CryptDestroyHash
RegSetValueExW
DeregisterEventSource
RegDeleteKeyW

shell32

SHBindToParent
ExtractIconW
SHCreateDirectoryExA
ShellExecuteExA
DragQueryFileA
SHGetPathFromIDList
SHGetFolderPathW
SHGetFolderLocation
FindExecutableW
SHAppBarMessage
DragAcceptFiles
SHGetFileInfoA

comctl32

CreateStatusWindowA
ImageList_Replace
ImageList_SetBkColor
CreatePropertySheetPageA
ImageList_ReplaceIcon
CreateToolbarEx
PropertySheetW

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0972694f3316a4a3581e8b3887e93356

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

oleaut32

ole32

version

gdi32

advapi32

shell32

comctl32

Sections

.text Size: 64KB - Virtual size: 63KB

.data Size: 48KB - Virtual size: 48KB

.rsrc Size: 31KB - Virtual size: 108KB

.text
Size: 64KB - Virtual size: 63KB

.data
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 31KB - Virtual size: 108KB