acadb0eebef7d1a70de7c4eb83eb8c5e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

acadb0eebef7d1a70de7c4eb83eb8c5e_JaffaCakes118
Size

217KB
MD5

acadb0eebef7d1a70de7c4eb83eb8c5e
SHA1

169a47ffa45763e3c7978fbdeeb9feb1a68786ae
SHA256

2729108db62a6bbbc7b2bc705930c044dce291b21798f1764b199448cd339776
SHA512

38cac41235c72f7cda91732f561680609ebd00c3213abe2688f772a57ad32373dc758822e0a6a8176423e9a97a2609ccc23a584cae4acf1ea92af963aa436dd7
SSDEEP

3072:qcsAxy1wBLvUnejPmo8OEDalFFd85my9FIkrj/8er9oUEQp6qcr6q2G:qfAxpLcea+FFd85m8FJL8eKqo6o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acadb0eebef7d1a70de7c4eb83eb8c5e_JaffaCakes118

Files

acadb0eebef7d1a70de7c4eb83eb8c5e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99774e6095572c790233b2a3f2c26100

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateHalftonePalette
EndPage
EnumFontFamiliesW
EnumFontsA
ExcludeClipRect
ExtFloodFill
GetEnhMetaFileHeader
GetMapMode
GetNearestPaletteIndex
LPtoDP
LineTo
SetArcDirection
SetBrushOrgEx
SetColorAdjustment
SetDIBitsToDevice
SetPolyFillMode
SetROP2
StretchDIBits

ole32

CLSIDFromString
CoInitializeSecurity
CoMarshalInterThreadInterfaceInStream
CoReleaseMarshalData
CoSetProxyBlanket
CoUninitialize
CreateBindCtx
CreateILockBytesOnHGlobal
IsAccelerator
IsEqualGUID
OleDraw
OleFlushClipboard
OleRun
OleSetClipboard
ReleaseStgMedium
RevokeDragDrop
StgCreateDocfileOnILockBytes
StgOpenStorage
StringFromCLSID
StringFromGUID2
StringFromIID

kernel32

DisableThreadLibraryCalls
GetCurrentDirectoryA
GetCurrentThread
GetEnvironmentStrings
GetFileSize
GetFileTime
GetLocaleInfoA
GetSystemTimeAsFileTime
GlobalFindAtomA
HeapCreate
OpenProcess
SetUnhandledExceptionFilter
VirtualQuery
lstrcatA

user32

CharLowerA
CheckMenuItem
DestroyCursor
DrawMenuBar
EmptyClipboard
EndDialog
GetClassInfoA
GetClientRect
GetDesktopWindow
GetMenuItemID
GetScrollPos
GetSysColorBrush
GetWindowTextA
InvalidateRect
IsWindowEnabled
IsWindowVisible
LoadStringA
OemToCharA
ScreenToClient
ScrollWindow
SetClassLongA
SetScrollPos
SystemParametersInfoA
wsprintfA

advapi32

CryptDestroyHash
CryptGenRandom
GetSecurityDescriptorDacl
GetUserNameA
LookupPrivilegeValueW
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyA
RevertToSelf

shell32

CommandLineToArgvW
DragFinish
DragQueryPoint
ExtractAssociatedIconW
SHBrowseForFolder
SHGetFileInfo
SHGetFolderLocation
SHGetFolderPathA
SHGetFolderPathW
Shell_NotifyIconA

comctl32

CreateStatusWindowA
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIcon
ImageList_GetIconSize
ImageList_LoadImageW
ImageList_Remove
ImageList_Replace
ImageList_SetDragCursorImage
ImageList_SetImageCount
ImageList_SetOverlayImage
InitializeFlatSB
PropertySheetW

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

38tZd9QI
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99774e6095572c790233b2a3f2c26100

Headers

File Characteristics

Imports

gdi32

ole32

kernel32

user32

advapi32

shell32

comctl32

Sections

.text Size: 89KB - Virtual size: 89KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 22KB - Virtual size: 21KB

38tZd9QI Size: 1024B - Virtual size: 120KB

.text
Size: 89KB - Virtual size: 89KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 22KB - Virtual size: 21KB

38tZd9QI
Size: 1024B - Virtual size: 120KB