aaa267324367d9d69d0d56613bfbe626_JaffaCakes118

General

Target

aaa267324367d9d69d0d56613bfbe626_JaffaCakes118
Size

97KB
MD5

aaa267324367d9d69d0d56613bfbe626
SHA1

ace3e49c8db01e6d08dcb3b35516aec555a706d3
SHA256

2583f30b04e6858b8824d34764f2af0ea612ed31ef82491d268b68f0c907f33e
SHA512

d6e27daa9b43a839044cca8145bac028a83800f1dd9aaa936581f6a9ec171cd66a31a5e04927217476d60773e05625ac8fd6b6bb6f7f7aefe7c8b1240be25b6e
SSDEEP

3072:C3vLwaMMAKiqnisvRlvuEkJvLudc/FxRoi:Q32Kvn3vnvuEkJj3Fro

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aaa267324367d9d69d0d56613bfbe626_JaffaCakes118

Files

aaa267324367d9d69d0d56613bfbe626_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e7709ca5b1fb3b6dcd5a53440c793530

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetTempFileNameA
GetStartupInfoA
CompareStringW
VirtualProtect
GetConsoleMode
WritePrivateProfileStringA
WaitForSingleObject
GetModuleHandleA
GetModuleHandleW
GetLocalTime
GetLocaleInfoA

user32

CloseClipboard
wsprintfA
GetSysColor
GetSubMenu
GetMenuState
InvalidateRect
GetCursorPos
SetWindowsHookExA
GetDesktopWindow
ScreenToClient

msvcrt

_initterm
_vsnprintf
_write
__setusermatherr
_except_handler3
__getmainargs
cos
__p__fmode
sqrt
__p__commode
wcsstr
_acmdln
__set_app_type
_XcptFilter
printf
exit
_adjust_fdiv
towlower
getenv
signal
fopen

shell32

ShellExecuteExW
SHChangeNotify
ShellExecuteW
SHCreateDirectoryExW
SHFileOperationA
DragQueryFile
SHGetFileInfo
ExtractIconExA
DragFinish
SHGetFolderPathA

ole32

CoRegisterClassObject
IsAccelerator
CoFreeUnusedLibraries
CoCreateInstance
DoDragDrop

oleaut32

SysReAllocStringLen
SetErrorInfo
SysStringLen
SafeArrayRedim
VariantCopyInd
SafeArrayUnaccessData

advapi32

AdjustTokenPrivileges
GetSecurityDescriptorDacl

comctl32

InitializeFlatSB
InitCommonControlsEx
CreatePropertySheetPageW
ImageList_DragLeave
ImageList_Destroy
ImageList_Replace
ImageList_Write

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7709ca5b1fb3b6dcd5a53440c793530

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

shell32

ole32

oleaut32

advapi32

comctl32

Sections

.text Size: 66KB - Virtual size: 66KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 66KB - Virtual size: 66KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 25KB - Virtual size: 25KB