Static task: static1
Behavioral task: behavioral1
Sample: a0a65ec8c6a4131f54f280caa26f77ad_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: a0a65ec8c6a4131f54f280caa26f77ad_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: a0a65ec8c6a4131f54f280caa26f77ad_JaffaCakes118
Size: 82KB
MD5: a0a65ec8c6a4131f54f280caa26f77ad
SHA1: 2c8ca311706c9616d3ecba13bd4d8a9a4dc7943c
SHA256: 9e541789a1caaf855538dfa0831dad438b444bcbfef7f90d3d961ee13b33ec98
SHA512: 9d8a0981c2e15583d089449fe1f0a79b729772ff6ef3f10eae7d553f7f1ad4d0d25ecb7fb9b087bdc8f0dde365a1f4f48e3777aece54db0716cacdda0d24d288
SSDEEP: 1536:iwWNYOrmeh3zUNpP7vLZ/YDRbiE5n5BT35rgM0IE0h/sx:TWNYW3wNpP7TVzEZPTVw0t
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a0a65ec8c6a4131f54f280caa26f77ad_JaffaCakes118
Files
a0a65ec8c6a4131f54f280caa26f77ad_JaffaCakes118.exe windows:5 windows x86 arch:x86
a4030342e90a9254d2a5cd1ad151139b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
UnhookWindowsHookEx
FrameRect
EqualRect
GetSysColor
GetMessageA
GetSysColorBrush
EnumWindows
PostQuitMessage
SetWindowPos
GetScrollPos
GetSubMenu
EnableMenuItem
SetWindowTextA
kernel32
GetFileAttributesA
VirtualAllocEx
ExitProcess
GetTickCount
GetOEMCP
RtlUnwind
QueryPerformanceCounter
InterlockedExchange
GetThreadLocale
GetStartupInfoA
GetCurrentProcessId
FileTimeToSystemTime
GetTimeZoneInformation
SetUnhandledExceptionFilter
GetTempPathA
gdi32
SetViewportExtEx
CreateCompatibleBitmap
CopyEnhMetaFileA
ExcludeClipRect
DPtoLP
FillRgn
SelectClipPath
CreateICW
GetMapMode
ole32
CoTaskMemRealloc
CoCreateInstance
DoDragDrop
StringFromGUID2
CoInitialize
CoInitializeSecurity
OleRun
CoRevokeClassObject
StgOpenStorage
advapi32
CryptHashData
CheckTokenMembership
RegQueryValueExW
FreeSid
GetSecurityDescriptorDacl
AdjustTokenPrivileges
QueryServiceStatus
GetUserNameA
RegCreateKeyExW
RegCreateKeyA
msvcrt
strncpy
fprintf
_flsbuf
__setusermatherr
raise
__initenv
puts
iswspace
__getmainargs
_mbscmp
fflush
signal
strlen
_lock
strcspn
_strdup
_CIpow
_fdopen
comctl32
ImageList_GetIconSize
ImageList_Write
ImageList_LoadImageW
ImageList_ReplaceIcon
InitCommonControls
ImageList_LoadImageA
ImageList_DragEnter
CreatePropertySheetPageA
ImageList_Destroy
ImageList_DrawEx
ImageList_SetIconSize
ImageList_GetBkColor
ImageList_GetIcon
shell32
DragAcceptFiles
ExtractIconExW
ExtractIconW
SHBrowseForFolderA
DoEnvironmentSubstW
ShellExecuteW
DragQueryFileW
CommandLineToArgvW
DragQueryFileA
ShellExecuteEx
SHGetPathFromIDList
oleaut32
SafeArrayCreate
SafeArrayRedim
VariantCopy
SysReAllocStringLen
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayUnaccessData
Sections
.text Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ