Static task: static1
Behavioral task: behavioral1
  Sample: 94ec791295be0a8574550e097294ba36_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 94ec791295be0a8574550e097294ba36_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
  Target: 94ec791295be0a8574550e097294ba36_JaffaCakes118
  Size: 147KB
  MD5: 94ec791295be0a8574550e097294ba36
  SHA1: d5685856b6c9f546b8662dbabfe74b0c12ad9dd2
  SHA256: 902b930c63845337e8e6e2b40a829b374cf1ca16576ac4b98045a36618b2ac64
  SHA512: b03b42063837ee39bbe3e28d61ce7fd756f33d8176f9dea8ad45e224a7764cf7eaad1a3d17e9ad720b66f82dac98a3988389208b083780ce144d52659a2f068f
  SSDEEP: 1536:bf3fUvD0tYmBuM3p1RxGBQ50c1KzqEXgr6Mt55gb:bXqUuMZ1jGQ0tZr
Malware Config
Signatures
  Unsigned PE (1 IoC)
    Checks for missing Authenticode signature.
    resource: 94ec791295be0a8574550e097294ba36_JaffaCakes118
Files
94ec791295be0a8574550e097294ba36_JaffaCakes118.exe windows:5 windows x86 arch:x86
8828c013ab6be249252920aadc5061d8
Headers
  File Characteristics
    IMAGE_FILE_RELOCS_STRIPPED
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_LINE_NUMS_STRIPPED
    IMAGE_FILE_LOCAL_SYMS_STRIPPED
    IMAGE_FILE_32BIT_MACHINE
    IMAGE_FILE_DEBUG_STRIPPED
Imports
  user32
    PostQuitMessage
    FrameRect
    SetWindowPos
    SetWindowTextA
    EnableMenuItem
    GetSubMenu
    GetScrollPos
    GetSysColorBrush
    GetSysColor
    EqualRect
    UnhookWindowsHookEx
    GetMessageA
    EnumWindows
  kernel32
    ExitProcess
    GetCurrentProcessId
    SetUnhandledExceptionFilter
    GetFileAttributesA
    GetStartupInfoA
    RtlUnwind
    InterlockedExchange
    VirtualAllocEx
    GetTickCount
    GetTempPathA
    GetTimeZoneInformation
    GetACP
    GetThreadLocale
    FileTimeToSystemTime
  gdi32
    DPtoLP
    CreateCompatibleBitmap
    CreateICW
    ExcludeClipRect
    SelectClipPath
    GetMapMode
    CopyEnhMetaFileA
    FillRgn
    SetViewportExtEx
  ole32
    CoInitializeSecurity
    CoCreateInstance
    StringFromGUID2
    CoTaskMemRealloc
    CoInitialize
    CoRevokeClassObject
    DoDragDrop
    OleRun
    StgOpenStorage
  advapi32
    AdjustTokenPrivileges
    RegCreateKeyExW
    GetSecurityDescriptorDacl
    CheckTokenMembership
    CryptHashData
    FreeSid
    RegQueryValueExW
    QueryServiceStatus
    GetUserNameA
    RegCreateKeyA
  msvcrt
    _lock
    iswspace
    _CIpow
    strcspn
    puts
    fflush
    _flsbuf
    _mbscmp
    strlen
    __setusermatherr
    __getmainargs
    fprintf
    _strdup
    __initenv
    strncpy
    raise
    _fdopen
    signal
  comctl32
    ImageList_GetIcon
    ImageList_LoadImageA
    CreatePropertySheetPageA
    ImageList_GetBkColor
    ImageList_Destroy
    ImageList_GetIconSize
    ImageList_ReplaceIcon
    ImageList_SetIconSize
    ImageList_DragEnter
    ImageList_DrawEx
    ImageList_Write
    ImageList_LoadImageW
    InitCommonControls
  shell32
    DoEnvironmentSubstW
    SHBrowseForFolderA
    ExtractIconW
    ExtractIconExW
    DragQueryFileW
    CommandLineToArgvW
    ShellExecuteEx
    DragAcceptFiles
    ShellExecuteW
    DragQueryFileA
    SHGetPathFromIDList
  oleaut32
    SafeArrayGetUBound
    SafeArrayRedim
    SafeArrayUnaccessData
    SysReAllocStringLen
    SafeArrayPtrOfIndex
    SafeArrayPutElement
    SafeArrayCreate
    VariantCopy
Sections
  .text Size: 32KB - Virtual size: 32KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .data Size: 39KB - Virtual size: 39KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc Size: 6KB - Virtual size: 84KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE