a28f9865bf6d3844113ee22c962f2a19_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a28f9865bf6d3844113ee22c962f2a19_JaffaCakes118
Size

220KB
MD5

a28f9865bf6d3844113ee22c962f2a19
SHA1

5490447fa85d53dd17ffb6f1a93374df2d2621b7
SHA256

553eeca00a3f17dfc3e571e7ae04633ae947ef3cf8e1dda077fd05bb6a7bed10
SHA512

c63386983355549874a517680b46c77b3906d2931d02717388daf06da172c2c6be08a7e15b1101c90f0b305fec688aee12423e67631240807990f26b6f570916
SSDEEP

6144:y7LlEE8+85ZyMwmautk/xSFk72smFfzQ/r:OREE8+8zysk/D72smFLQD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a28f9865bf6d3844113ee22c962f2a19_JaffaCakes118

Files

a28f9865bf6d3844113ee22c962f2a19_JaffaCakes118
.exe windows:5 windows x86 arch:x86

367b7bbf539d9c8c4bf030921a435214

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalAlloc
GetStartupInfoA
VirtualProtect
GetVersionExW
GetFileAttributesA
GetSystemDirectoryA
GetSystemTime
GetModuleHandleA
GetLocaleInfoW
FileTimeToSystemTime
FreeEnvironmentStringsW
GetShortPathNameA
GetLocalTime
WaitForMultipleObjects
lstrcmpA

msvcrt

_except_handler3
_dup
atoi
__badioinfo
exit
wcsrchr
__setusermatherr
_unlink
_controlfp
isleadbyte
__p__commode
__getmainargs
_osver
_adjust_fdiv
_initterm
__p__fmode
_pctype
_XcptFilter
fread
strtoul
fgets
longjmp
log10
__set_app_type
_acmdln
_getch

advapi32

RegEnumKeyExW
CryptHashData
GetUserNameA
OpenSCManagerA
RegEnumKeyExA
RegQueryValueExA
EqualSid
OpenSCManagerW
RegFlushKey

oleaut32

SafeArrayPutElement
GetActiveObject

user32

MessageBeep
SetPropA
DispatchMessageA
EnumWindows
SetScrollInfo
SetCapture
OffsetRect

comctl32

ImageList_DragEnter
PropertySheetW
ImageList_LoadImageW
InitializeFlatSB
ImageList_Create
ImageList_LoadImageA
InitCommonControlsEx
ImageList_SetDragCursorImage
CreatePropertySheetPageA

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerInstallFileA
VerFindFileW
GetFileVersionInfoSizeA
VerInstallFileW

ole32

CLSIDFromString
CoInitialize
GetRunningObjectTable
IsAccelerator
StringFromIID
StgOpenStorage
CoRegisterMessageFilter

gdi32

GetBitmapBits
CreateCompatibleBitmap
GetRgnBox
SetWindowOrgEx
GetBkColor
LineTo
CreateDCA
TextOutW
GetDIBColorTable
StretchBlt
EndPage
GetWindowExtEx

shell32

SHGetPathFromIDList
SHCreateDirectoryExW
SHGetPathFromIDListA
SHBrowseForFolderW
DragQueryFileW
SHBindToParent
SHGetDesktopFolder
ShellExecuteW
ExtractIconExA
SHGetFileInfo

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

367b7bbf539d9c8c4bf030921a435214

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

oleaut32

user32

comctl32

version

ole32

gdi32

shell32

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 17KB - Virtual size: 40KB

.rsrc Size: 108KB - Virtual size: 108KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 17KB - Virtual size: 40KB

.rsrc
Size: 108KB - Virtual size: 108KB