abdd576e00553093813de25bd5c4173a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

abdd576e00553093813de25bd5c4173a_JaffaCakes118
Size

87KB
MD5

abdd576e00553093813de25bd5c4173a
SHA1

7aeb11b1d18d3fa268e295889ae5c3abbfda7f30
SHA256

581d460227b1eb3cde92ef7611dda2e64748e3c8586085a37781efdf1fc674f3
SHA512

647546371b3e1d4165f2e4c9fe18ea5c1266d4c0b4e1819ee15380ae1f753355a6795ecbba353dc01968f143b744e36b1d007ecfc937ea22fd5a2a52f5b749e2
SSDEEP

1536:TexBh6owmWWvCtqH7aNBmexy9p9BlYYyQJF/jWDmLwSJwKrVOS:QBh6h9WvSqba239VlB3/jImLzwKr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abdd576e00553093813de25bd5c4173a_JaffaCakes118

Files

abdd576e00553093813de25bd5c4173a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4e85f51a319deb7849c5b7035fac5e99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetSysColor
FrameRect
GetMessageA
GetScrollPos
EnableMenuItem
SetWindowPos
EnumWindows
EqualRect
GetSubMenu
UnhookWindowsHookEx
GetSysColorBrush
PostQuitMessage
SetWindowTextA

kernel32

GetCurrentProcessId
RtlUnwind
FileTimeToSystemTime
GetFileAttributesA
ExitProcess
GetTimeZoneInformation
VirtualAllocEx
GetOEMCP
GetStartupInfoA
GetThreadLocale
InterlockedExchange
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetACP
GetTickCount
GetTempPathA

gdi32

SetViewportExtEx
DPtoLP
GetMapMode
SelectClipPath
ExcludeClipRect
CopyEnhMetaFileA
CreateCompatibleBitmap
FillRgn
CreateICW

ole32

CoCreateInstance
CoRevokeClassObject
DoDragDrop
CoTaskMemRealloc
StgOpenStorage
CoInitializeSecurity
OleRun
StringFromGUID2
CoInitialize

advapi32

GetUserNameA
QueryServiceStatus
FreeSid
RegCreateKeyExW
GetSecurityDescriptorDacl
CheckTokenMembership
CryptHashData
RegQueryValueExW
AdjustTokenPrivileges
RegCreateKeyA

msvcrt

strlen
fprintf
__getmainargs
_strdup
strcspn
_fdopen
signal
fflush
iswspace
strncpy
_lock
__initenv
raise
puts
__setusermatherr
_mbscmp
_CIpow
_flsbuf

comctl32

ImageList_LoadImageW
ImageList_SetIconSize
ImageList_LoadImageA
CreatePropertySheetPageA
ImageList_ReplaceIcon
InitCommonControls
ImageList_DragEnter
ImageList_GetIconSize
ImageList_Write
ImageList_Destroy
ImageList_GetBkColor
ImageList_DrawEx
ImageList_GetIcon

shell32

DragAcceptFiles
DragQueryFileA
SHGetPathFromIDList
ShellExecuteEx
SHBrowseForFolderA
DoEnvironmentSubstW
ExtractIconExW
CommandLineToArgvW
DragQueryFileW
ExtractIconW
ShellExecuteW

oleaut32

SafeArrayPtrOfIndex
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayCreate
VariantCopy
SysReAllocStringLen
SafeArrayRedim
SafeArrayGetUBound

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4e85f51a319deb7849c5b7035fac5e99

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ole32

advapi32

msvcrt

comctl32

shell32

oleaut32

Sections

.text Size: 38KB - Virtual size: 37KB

.data Size: 42KB - Virtual size: 41KB

.rsrc Size: 6KB - Virtual size: 34KB

.text
Size: 38KB - Virtual size: 37KB

.data
Size: 42KB - Virtual size: 41KB

.rsrc
Size: 6KB - Virtual size: 34KB