af22595ffb014d69f401443d30e5c3fd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

af22595ffb014d69f401443d30e5c3fd_JaffaCakes118
Size

114KB
MD5

af22595ffb014d69f401443d30e5c3fd
SHA1

10d84fbb9ae413d917869d69f9dd93ebf5893783
SHA256

7aab721de02512f4eb36f501bd6a0227468cb04977e85723a69d0151ae924f70
SHA512

560c6cce730e04eba247eabd5cb421cd3c7d201c8843921ed5bca08fd284dedd024452504f4be337dab56a0c795b296fca0b07e2db795b55fa7050885d3aa354
SSDEEP

3072:4Kts2DCspSqfmqKILVWiERqvgl/G80RiSSveKOqdT+06:4Ede2fCuVWiERD0iSSeUN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af22595ffb014d69f401443d30e5c3fd_JaffaCakes118

Files

af22595ffb014d69f401443d30e5c3fd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1b84c02747e7e16b64652cb6a9bd53cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetFileAttributesA
VirtualProtect
GetModuleHandleA
OutputDebugStringA
GetLocalTime
GetStartupInfoA
GetFileAttributesW
LocalFileTimeToFileTime

msvcrt

__set_app_type
ceil
putchar
strcmp
__p__commode
_initterm
_except_handler3
printf
_cexit
__p__fmode
__setusermatherr
sprintf
_acmdln
_XcptFilter
_snprintf
__getmainargs
_adjust_fdiv
time
strncmp
log
exit

user32

EmptyClipboard
IsWindow
GetCapture
SetClipboardData
GetKeyboardType
DrawEdge
EnableMenuItem
TrackPopupMenu
IsRectEmpty
GetWindowRect
UpdateWindow
OpenClipboard

advapi32

RevertToSelf
DeleteService
OpenServiceA
RegCreateKeyExA
OpenSCManagerW
RegOpenKeyExW
GetSecurityDescriptorDacl
AllocateAndInitializeSid
SetSecurityDescriptorDacl
FreeSid
GetLengthSid

comctl32

ImageList_GetIcon
ImageList_Replace
PropertySheetW
ImageList_LoadImageA
ImageList_SetIconSize
ImageList_GetBkColor

ole32

CoTaskMemFree
CoUninitialize
RegisterDragDrop
CreateBindCtx
CreateStreamOnHGlobal
StringFromIID
OleIsCurrentClipboard
CoFreeUnusedLibraries
OleSetMenuDescriptor
OleInitialize
CoRegisterClassObject
CLSIDFromString

shell32

SHCreateDirectoryExA
DragQueryFileW
SHGetFileInfo
SHGetFileInfoA
ShellExecuteW
SHGetSpecialFolderLocation
ShellExecuteExA
Shell_NotifyIconA
SHBindToParent
SHGetFolderPathA
SHFileOperationW
DragFinish
DragQueryFile

version

GetFileVersionInfoA
VerInstallFileA
GetFileVersionInfoSizeA
VerQueryValueW
VerLanguageNameA

oleaut32

SafeArrayRedim
SysFreeString
SetErrorInfo
SysAllocStringLen
VariantClear
SysReAllocStringLen
SysAllocStringByteLen
SafeArrayGetElement

gdi32

GetTextFaceW
Ellipse
Arc
SetBkMode
CreateFontIndirectW
ScaleWindowExtEx
CreateBitmap
GetStretchBltMode

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b84c02747e7e16b64652cb6a9bd53cf

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

comctl32

ole32

shell32

version

oleaut32

gdi32

Sections

.text Size: 52KB - Virtual size: 52KB

.data Size: 42KB - Virtual size: 42KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 52KB - Virtual size: 52KB

.data
Size: 42KB - Virtual size: 42KB

.rsrc
Size: 18KB - Virtual size: 17KB