96ab016c9821d38179405bf693105bc8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

96ab016c9821d38179405bf693105bc8_JaffaCakes118
Size

134KB
MD5

96ab016c9821d38179405bf693105bc8
SHA1

54cd3b5384e4c36313dee2a092b0f2038bc7fc6f
SHA256

f67323f77fb0a2f384054ad5159f5238b40b92e09336454ef5ed95eda56899f1
SHA512

7a91f7628feba643c18a2b1846731aa37627e5e3ee9b5c98460940d34e3e9538fe66cc2dd443d91f870972a9638dc7f422376fb86e4a885d34b66c320f119e30
SSDEEP

3072:ie6+U4+h72JSGNPNNxofuMzDKFhpca8LIK+hvTnZNgoblhmf:H+FyNNIuMzDuIqbnZre

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96ab016c9821d38179405bf693105bc8_JaffaCakes118

Files

96ab016c9821d38179405bf693105bc8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d6d2e654c0238c8e41fb6a407d03202f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LCMapStringA
GetStartupInfoA
GlobalLock
GetModuleHandleA
SetFilePointer
VirtualAlloc
VirtualProtect

msvcrt

_initterm
_except_handler3
_iob
__set_app_type
_onexit
wcstombs
longjmp
atoi
sqrt
strcmp
__getmainargs
_XcptFilter
__setusermatherr
__p__fmode
exit
log
_adjust_fdiv
_acmdln
__p__commode

user32

GetMessagePos
RedrawWindow
SetCursor
GetMenuItemID
SetMenu
IsRectEmpty
WaitMessage
GetCursorPos
MapWindowPoints

oleaut32

GetActiveObject
SysFreeString
CreateErrorInfo
LoadTypeLib
SysAllocStringLen
SafeArrayRedim
SafeArrayGetUBound

comctl32

ImageList_SetOverlayImage
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_LoadImageW
PropertySheetA
ImageList_Destroy
ImageList_Remove
ImageList_Draw
ImageList_GetIconSize
ImageList_ReplaceIcon

shell32

ExtractIconExA
CommandLineToArgvW
SHCreateDirectoryExA
SHAddToRecentDocs
SHAppBarMessage
Shell_NotifyIconW
ExtractIconW
SHFileOperationW
SHGetSettings

ole32

IIDFromString
OleFlushClipboard
RegisterDragDrop
CoRevokeClassObject
StgCreateDocfileOnILockBytes
ProgIDFromCLSID
CoInitialize
OleRun
OleSetMenuDescriptor
CoTaskMemRealloc

gdi32

CreatePolygonRgn
SetWindowOrgEx
PolylineTo
Pie
PlayMetaFile
GetSystemPaletteEntries
CreateMetaFileW
CreateEnhMetaFileA
DeleteObject
GdiFlush
EndDoc
OffsetWindowOrgEx

advapi32

LookupPrivilegeValueW
RegOpenKeyExA
IsValidSid
RevertToSelf

version

VerQueryValueA
VerFindFileW
GetFileVersionInfoW
GetFileVersionInfoA

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6d2e654c0238c8e41fb6a407d03202f

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

oleaut32

comctl32

shell32

ole32

gdi32

advapi32

version

Sections

.text Size: 64KB - Virtual size: 63KB

.data Size: 48KB - Virtual size: 48KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 64KB - Virtual size: 63KB

.data
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 20KB - Virtual size: 20KB