a5bbd2ba3a217b025ddc8abdfeabebdb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a5bbd2ba3a217b025ddc8abdfeabebdb_JaffaCakes118
Size

163KB
MD5

a5bbd2ba3a217b025ddc8abdfeabebdb
SHA1

46d485a57dd9f0af1ab48684a989dfab9a2543f3
SHA256

05854267a7c1427ffa1ebb4c4dac71b2808270423ab2e4f41fd108bd0713dcb8
SHA512

0f40165b22a75ec401d8a58ec8e9b3070573f7cf834a01cda2d3e7896e1e1558aa083f4c579bbed854d4dcd7a6dedf60d4f708be86d5facf5a0a713f79710af4
SSDEEP

3072:5nQRJpDbOK7ToQqxq/afBlqQW9uKQHljDKWal0xud9GOvMlb9sY4T2xR+ra+lmc:dQGZqZ9wHIl0xiGNlAOor+c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5bbd2ba3a217b025ddc8abdfeabebdb_JaffaCakes118

Files

a5bbd2ba3a217b025ddc8abdfeabebdb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ff693a92b4ed90c774bd2049ccce6e07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetConsoleMode
GetModuleFileNameW
GetModuleHandleA
GetStartupInfoA
FormatMessageA
GetCPInfo
GetSystemTime
FlushFileBuffers
SetFileAttributesW
UnhandledExceptionFilter
EnumCalendarInfoA
VirtualProtect
DeleteFileA

user32

ScrollWindow
CloseClipboard
GetMenuStringA
GetSysColor
UnhookWindowsHookEx
LoadStringA
RemovePropA
IsIconic
SetClassLongA
GetWindowThreadProcessId
SetFocus
AdjustWindowRectEx
GetForegroundWindow
SetCursor
GetScrollInfo

msvcrt

log10
fgetc
_XcptFilter
abort
_adjust_fdiv
exit
_except_handler3
_open_osfhandle
__getmainargs
_acmdln
__set_app_type
__p__commode
_controlfp
__setusermatherr
_initterm
strtol
_cexit
__p__fmode

ole32

CoTaskMemFree
CoRegisterMessageFilter
OleInitialize
DoDragDrop
OleRun
OleGetClipboard

shell32

SHGetSpecialFolderPathA
SHGetPathFromIDList
ExtractIconA
SHFileOperationW
ExtractIconExW
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetSettings
Shell_NotifyIconA
DragQueryFile
SHAddToRecentDocs

comctl32

ImageList_Add
ImageList_GetImageInfo
ImageList_DragLeave
ImageList_Replace
PropertySheetA
ImageList_DrawEx
ImageList_Remove
ImageList_SetIconSize

oleaut32

SafeArrayGetUBound
VariantCopy
VariantInit
SysAllocStringByteLen
SafeArrayPtrOfIndex

advapi32

OpenProcessToken
RegOpenKeyA
GetTokenInformation
RegEnumValueA
LookupPrivilegeValueA
CryptHashData
RegSetValueExA
CloseServiceHandle

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ff693a92b4ed90c774bd2049ccce6e07

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

ole32

shell32

comctl32

oleaut32

advapi32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 151KB - Virtual size: 151KB

.data Size: 6KB - Virtual size: 6KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 151KB - Virtual size: 151KB

.data
Size: 6KB - Virtual size: 6KB