add6dcd94bc63321e6aa732b3c617bd7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

add6dcd94bc63321e6aa732b3c617bd7_JaffaCakes118
Size

83KB
MD5

add6dcd94bc63321e6aa732b3c617bd7
SHA1

f1b4e0e522defe354b8641624610f72a938d604e
SHA256

98da6935af7c7e8b2c92ff622848cc36b2a4cd3c195894730a5a45fd41bf23ec
SHA512

90274e1cdcda787e1238274561a6b836622b4e556147b52ff35d0bb802876df075d69ce6d8632efc068156a9f7720d112c371d6859aa165fe9dd3b7e769d7d86
SSDEEP

1536:XBAi1ihrhNkiHxaLuDzDskkAEJ1OO6P8RS1ngjgIgzfU1SXVBpBIW5uB2Whf1gTL:x2rhNkiHxSKs590O6P8Rg0gIgzsEVP6C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
add6dcd94bc63321e6aa732b3c617bd7_JaffaCakes118

Files

add6dcd94bc63321e6aa732b3c617bd7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0797508126e5a78c4b55a8b3156176a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetMessageA
FrameRect
GetScrollPos
PostQuitMessage
GetSubMenu
UnhookWindowsHookEx
SetWindowTextA
EnableMenuItem
EqualRect
EnumWindows
GetSysColorBrush
GetSysColor
SetWindowPos

kernel32

GetFileAttributesA
QueryPerformanceCounter
GetSystemTime
RtlUnwind
InterlockedExchange
SetUnhandledExceptionFilter
GetStartupInfoA
GetTempPathA
GetCurrentProcessId
GetThreadLocale
GetTickCount
GetACP
GetTimeZoneInformation
ExitProcess
FileTimeToSystemTime
GetOEMCP
VirtualAllocEx

gdi32

FillRgn
SelectClipPath
CreateCompatibleBitmap
SetViewportExtEx
DPtoLP
CopyEnhMetaFileA
GetMapMode
ExcludeClipRect
CreateICW

ole32

DoDragDrop
StgOpenStorage
OleRun
StringFromGUID2
CoRevokeClassObject
CoInitialize
CoCreateInstance
CoTaskMemRealloc
CoInitializeSecurity

advapi32

QueryServiceStatus
RegCreateKeyExW
FreeSid
CheckTokenMembership
RegQueryValueExW
GetUserNameA
AdjustTokenPrivileges
GetSecurityDescriptorDacl
CryptHashData
RegCreateKeyA

msvcrt

_mbscmp
_strdup
strlen
__setusermatherr
strncpy
_lock
raise
signal
__initenv
puts
_fdopen
_flsbuf
_CIpow
strcspn
fflush
fprintf
__getmainargs
iswspace

comctl32

ImageList_DrawEx
CreatePropertySheetPageA
ImageList_GetBkColor
ImageList_SetIconSize
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_DragEnter
ImageList_LoadImageA
ImageList_GetIcon
InitCommonControls
ImageList_Destroy
ImageList_Write
ImageList_LoadImageW

shell32

ShellExecuteW
SHGetPathFromIDList
DragQueryFileA
SHBrowseForFolderA
ExtractIconW
DragQueryFileW
ShellExecuteEx
CommandLineToArgvW
DragAcceptFiles
DoEnvironmentSubstW
ExtractIconExW

oleaut32

SafeArrayUnaccessData
SafeArrayPutElement
VariantCopy
SafeArrayPtrOfIndex
SafeArrayGetUBound
SysReAllocStringLen
SafeArrayCreate
SafeArrayRedim

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0797508126e5a78c4b55a8b3156176a8

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ole32

advapi32

msvcrt

comctl32

shell32

oleaut32

Sections

.text Size: 35KB - Virtual size: 34KB

.data Size: 41KB - Virtual size: 41KB

.rsrc Size: 6KB - Virtual size: 76KB

.text
Size: 35KB - Virtual size: 34KB

.data
Size: 41KB - Virtual size: 41KB

.rsrc
Size: 6KB - Virtual size: 76KB