ad98a2c1f7a0a147345445da84c99c39_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ad98a2c1f7a0a147345445da84c99c39_JaffaCakes118
Size

140KB
MD5

ad98a2c1f7a0a147345445da84c99c39
SHA1

56fc1fdabac44840a8bba996f217f9309324be9e
SHA256

cc99fa869f42de2f5d644bade7da62f8d02825a392a8cb0d8c2c390f43b357ac
SHA512

089de4752d67adb07055a87aafea6ad99bef63eb94d31a93269b0e1175857a4a9ec4bde69edf6539c5fa2712e289360aac0c501c4e27b526f7cc12bf7d0520b9
SSDEEP

3072:sQEQI2/poSFDUe9G0p1vf0HP8+xX/LbK4yd3OKagvkVWf:7VDSP9DbLygKag8q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad98a2c1f7a0a147345445da84c99c39_JaffaCakes118

Files

ad98a2c1f7a0a147345445da84c99c39_JaffaCakes118
.exe windows:4 windows x86 arch:x86

11fdda0527c1c56d399c3e4c0997fa37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

MultiByteToWideChar
GetSystemTime
GetModuleHandleA
IsValidCodePage
VirtualProtect
GetEnvironmentStrings
WaitForSingleObject
GetLocalTime
ExpandEnvironmentStringsA
GetStartupInfoA
lstrcmpiW
SetEnvironmentVariableA
VirtualQuery
GetModuleHandleW
InterlockedExchange
GetLastError

msvcrt

setlocale
_controlfp
__setusermatherr
_initterm
wcstol
fwrite
_except_handler3
_unlock
_acmdln
_filelengthi64
__set_app_type
_mbsrchr
toupper
__p__fmode
exit
_adjust_fdiv
_XcptFilter
__p__commode
__getmainargs
log10

comctl32

ImageList_Add
ImageList_Read
ImageList_BeginDrag
ImageList_DrawEx
InitCommonControlsEx
ImageList_Write

ole32

CoSetProxyBlanket
OleInitialize
OleSetClipboard
CoCreateInstance
GetRunningObjectTable
CoTaskMemFree
CreateILockBytesOnHGlobal
RevokeDragDrop
CoCreateGuid

oleaut32

SysStringLen
SysReAllocStringLen
GetActiveObject
SafeArrayGetUBound
SafeArrayPutElement
SafeArrayGetElement

version

VerInstallFileW
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerFindFileW
VerLanguageNameA
GetFileVersionInfoA

user32

GetCapture
BeginPaint
GetWindow
FrameRect
GetClassInfoA
ShowCursor
DrawTextA
GetSysColorBrush
ClientToScreen
SendDlgItemMessageA

gdi32

DPtoLP
ExtCreateRegion
BeginPath
PlayMetaFileRecord
SetRectRgn
GetObjectA
SaveDC
PtInRegion
StartDocW
SelectClipRgn
RectInRegion

advapi32

GetUserNameA
RegQueryValueA
SetSecurityDescriptorOwner
OpenProcessToken
RegEnumKeyExW
RegEnumKeyExA
LookupPrivilegeValueA
RegEnumValueA
RegEnumKeyA
RegCreateKeyExA

shell32

CommandLineToArgvW
DragQueryFileW
SHGetFolderPathW
SHGetDiskFreeSpaceExW
ExtractAssociatedIconW
SHBrowseForFolderW
SHAppBarMessage
ExtractIconExA
ShellExecuteExW
DragQueryFile

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11fdda0527c1c56d399c3e4c0997fa37

Headers

File Characteristics

Imports

kernel32

msvcrt

comctl32

ole32

oleaut32

version

user32

gdi32

advapi32

shell32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 18KB - Virtual size: 42KB

.rsrc Size: 102KB - Virtual size: 101KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 18KB - Virtual size: 42KB

.rsrc
Size: 102KB - Virtual size: 101KB