a22ab068e4039426a9f36700d28ad6d6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a22ab068e4039426a9f36700d28ad6d6_JaffaCakes118
Size

136KB
MD5

a22ab068e4039426a9f36700d28ad6d6
SHA1

89e137819d8613ef20c674debc6cc0c7d7924114
SHA256

1e046110025c4f3e473b3e6b79ca372def53ff4eae792c74106c0023eabf6d5c
SHA512

550d90619d090bfe38994ae57ecdaf2d38cd363e179ef5659a11038e83a2117f6eb20bc2eb2cac8aebf8a0b074f6425bb7102098270f4c150d0603d682cd2ebb
SSDEEP

3072:dREaRhHV39j2fhN2zA3+XUIlh83pfjgsRxLIO9pfDxOnG+Cnsu7eupqJXNlbBon:d9hGfQAFRx0O9pflOnG+Cnsu7rpqJXNQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a22ab068e4039426a9f36700d28ad6d6_JaffaCakes118

Files

a22ab068e4039426a9f36700d28ad6d6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7e2ababbf7fcd99d5968585265aab130

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
WriteConsoleA
GetModuleHandleA
GetSystemTimeAsFileTime
LocalFree
GetStartupInfoA
InterlockedCompareExchange
VirtualFree
FreeEnvironmentStringsA
GetModuleFileNameW
lstrcpynA
ExitProcess

msvcrt

fopen
__CxxFrameHandler
_snprintf
_except_handler3
exit
wcsncmp
_adjust_fdiv
__p__fmode
_acmdln
__getmainargs
__p__commode
_mbscmp
strspn
_XcptFilter
log
__setusermatherr
strrchr
__set_app_type
clearerr
_initterm

user32

KillTimer
DrawFrameControl
CheckMenuItem
SetFocus
UnregisterClassA
ShowOwnedPopups
GetCursorPos
SetWindowLongA

ole32

OleRun
CoUninitialize
OleSetMenuDescriptor
CoInitialize
CoCreateInstance
DoDragDrop
OleGetClipboard

shell32

SHGetFolderPathA
ExtractIconW
SHGetSettings
SHBrowseForFolder
ShellExecuteA
SHGetDiskFreeSpaceExW
SHGetSpecialFolderLocation
SHChangeNotify

gdi32

GetMetaFileBitsEx
PolyDraw
GetBrushOrgEx
TextOutW
ArcTo
CreateDCW

comctl32

CreatePropertySheetPageA
ImageList_Draw
PropertySheetA
ImageList_GetIcon
ImageList_DrawEx
ImageList_LoadImageA
ImageList_BeginDrag

advapi32

RegEnumKeyExW
RegQueryValueA
CopySid
CryptHashData
GetSecurityDescriptorDacl
InitializeAcl
InitiateSystemShutdownA

oleaut32

SysStringLen
SafeArrayPtrOfIndex
SafeArrayGetElement
LoadTypeLib
VariantCopy
SafeArrayUnaccessData
GetErrorInfo

version

VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoSizeA
VerFindFileW
GetFileVersionInfoSizeW

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7e2ababbf7fcd99d5968585265aab130

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

ole32

shell32

gdi32

comctl32

advapi32

oleaut32

version

Sections

.text Size: 62KB - Virtual size: 62KB

.data Size: 49KB - Virtual size: 49KB

.rsrc Size: 23KB - Virtual size: 51KB

.text
Size: 62KB - Virtual size: 62KB

.data
Size: 49KB - Virtual size: 49KB

.rsrc
Size: 23KB - Virtual size: 51KB