abf24b1ff27e44109ca72da15f2a8182_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

abf24b1ff27e44109ca72da15f2a8182_JaffaCakes118
Size

213KB
MD5

abf24b1ff27e44109ca72da15f2a8182
SHA1

b21938e76e3945f8298c9a0b92de3dc3d4496bca
SHA256

ffd799d63961e06a2290a0a9dabcf6736730646d87a801805868aca7e1ab20ec
SHA512

febd8e2ab432f057c9fc65997217b6aff5389a55bf826f19f8a4f3a2ef67c97773f9fc4e29b939597e4151d75d92eda81f0e53125c6c51d6b01d023d2deb76f3
SSDEEP

3072:YSigkvSUR64NzX79UvHL8D9qh8hrwHH2yRtr5J21hfu/zCgtE591grJpBdSj8wL5:YSigFmhX79Iio8hX+tJc1grdduky4Ql

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abf24b1ff27e44109ca72da15f2a8182_JaffaCakes118

Files

abf24b1ff27e44109ca72da15f2a8182_JaffaCakes118
.exe windows:4 windows x86 arch:x86

65936a73f1b257241d36ed7cbf2a2c43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptReleaseContext
EqualSid
InitiateSystemShutdownA
IsValidSid
OpenSCManagerW
OpenThreadToken
RegCloseKey
RegCreateKeyA
RegDeleteKeyW
RegEnumValueA
RegEnumValueW
RegOpenKeyW
RegQueryInfoKeyA

gdi32

CopyMetaFileW
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateDIBitmap
CreateICA
CreatePalette
DeleteEnhMetaFile
DeleteMetaFile
GetDeviceCaps
GetEnhMetaFileHeader
GetObjectType
GetRegionData
GetTextColor
GetViewportExtEx
GetWindowExtEx
MaskBlt
OffsetViewportOrgEx
OffsetWindowOrgEx
RectInRegion
SelectClipPath
SetColorAdjustment
SetDIBColorTable
SetMapperFlags
TextOutA

ole32

CoGetMalloc
CoTaskMemFree
OleSetClipboard
OleUninitialize
PropVariantClear
RevokeDragDrop
StringFromCLSID

shell32

DragQueryFileA
DragQueryFileW
SHGetPathFromIDListW
SHGetSpecialFolderPathA
ShellExecuteW

user32

BeginPaint
CheckMenuItem
ClientToScreen
CreateWindowExA
DialogBoxParamA
DispatchMessageA
DrawMenuBar
EndPaint
GetCursorPos
GetKeyboardType
GetWindowTextA
InvalidateRect
IsChild
LoadBitmapA
MessageBeep
RedrawWindow
ReleaseDC
ScrollWindow
SetWindowTextA
ShowCursor

kernel32

CreateDirectoryA
CreateProcessA
CreateThread
DeviceIoControl
DisableThreadLibraryCalls
ExpandEnvironmentStringsA
FindResourceW
GetACP
GetCommandLineA
GetConsoleMode
GetFileSize
GetLocaleInfoA
GetStringTypeExA
GetVersion
GetVersionExW
GetWindowsDirectoryA
GlobalFindAtomA
GlobalLock
HeapDestroy
IsDBCSLeadByte
LoadLibraryExA
LocalAlloc
MapViewOfFile
QueryPerformanceCounter
ResumeThread
SizeofResource

comctl32

ImageList_DragEnter
ImageList_EndDrag
ImageList_LoadImageW
ImageList_SetBkColor

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

yYnOgsOq
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

65936a73f1b257241d36ed7cbf2a2c43

Headers

File Characteristics

Imports

advapi32

gdi32

ole32

shell32

user32

kernel32

comctl32

Sections

.text Size: 89KB - Virtual size: 89KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 18KB - Virtual size: 17KB

yYnOgsOq Size: 2KB - Virtual size: 120KB

.text
Size: 89KB - Virtual size: 89KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 18KB - Virtual size: 17KB

yYnOgsOq
Size: 2KB - Virtual size: 120KB