b538021cdc63b5d971e77440e2c178bd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b538021cdc63b5d971e77440e2c178bd_JaffaCakes118
Size

210KB
MD5

b538021cdc63b5d971e77440e2c178bd
SHA1

db3684c92c4fac219138e7353bc80d703c34c5a8
SHA256

9c6c6125d135aa490b76557688b6a6328aa42a92a3152ac73edda39245cb98df
SHA512

070de8d5dbfbd74ffe10c48a44096fc75e7b302b335262c0d35e1f714fb1269c8bc720047478437ec13a7edc489c21d2bae5eab36cf837f1191c0a8ca17841ab
SSDEEP

3072:m9BIWNEVijWx9RLY/1coHamynLCtObLNgkdZISRtKR0xrQk7MMWMf7hGzvuefEjC:yiijWCxhAo0qHSjFQnl2v6cY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b538021cdc63b5d971e77440e2c178bd_JaffaCakes118

Files

b538021cdc63b5d971e77440e2c178bd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb0d694c4808ae38d5d698f9005d8a12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CoInitializeSecurity
CoMarshalInterThreadInterfaceInStream
CreateStreamOnHGlobal
IIDFromString
IsEqualGUID
OleIsCurrentClipboard
ProgIDFromCLSID
RegisterDragDrop
StgCreateDocfileOnILockBytes
StgOpenStorage
StgOpenStorageOnILockBytes

user32

ClientToScreen
DispatchMessageA
EnumThreadWindows
EnumWindows
FrameRect
GetDCEx
GetMenu
GetMessageA
InflateRect
OffsetRect
PtInRect
SetClassLongA
SetCursor
SetWindowTextA
ShowCursor

advapi32

AllocateAndInitializeSid
CheckTokenMembership
GetTokenInformation
IsValidSid
OpenThreadToken
RegOpenKeyA
SetSecurityDescriptorDacl

gdi32

CreateCompatibleBitmap
CreateMetaFileW
CreatePenIndirect
DeleteObject
EnumEnhMetaFile
EnumFontsA
EnumMetaFile
FillPath
Polygon
SaveDC
SetAbortProc
SetBkColor
SetTextCharacterExtra

comctl32

CreateStatusWindowA
ImageList_DragEnter
ImageList_GetBkColor
ImageList_LoadImageW
ImageList_SetImageCount
PropertySheetA

shell32

CommandLineToArgvW
DragAcceptFiles
DragFinish
ExtractIconA
ExtractIconExW
ExtractIconW
SHAppBarMessage
SHChangeNotify
SHFileOperationW
SHGetFileInfo
SHGetSpecialFolderPathA
ShellExecuteA
ShellExecuteExA
ShellExecuteW
Shell_NotifyIconW

kernel32

FileTimeToDosDateTime
FindNextFileA
GetACP
GetCPInfo
GetConsoleOutputCP
GetCurrentDirectoryA
GetDriveTypeA
GetEnvironmentStrings
GetFileSize
GetOEMCP
GetSystemDirectoryA
GetTempFileNameA
GlobalFree
HeapCreate
TlsAlloc
TlsGetValue
VirtualAlloc
lstrcatA
lstrcmpiW

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

mDBKCO54
Size: 1KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb0d694c4808ae38d5d698f9005d8a12

Headers

File Characteristics

Imports

ole32

user32

advapi32

gdi32

comctl32

shell32

kernel32

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 98KB - Virtual size: 98KB

.rsrc Size: 18KB - Virtual size: 17KB

mDBKCO54 Size: 1KB - Virtual size: 120KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 98KB - Virtual size: 98KB

.rsrc
Size: 18KB - Virtual size: 17KB

mDBKCO54
Size: 1KB - Virtual size: 120KB