b23b2a581b9ef33ad99b5f012ef2046a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b23b2a581b9ef33ad99b5f012ef2046a_JaffaCakes118
Size

213KB
MD5

b23b2a581b9ef33ad99b5f012ef2046a
SHA1

33c5348895e4de9a26f2e9b34e8b2de231a7ef9b
SHA256

6d39154d0eb987887759a8cd1dbcd39c7cde7eeb257181ee2b26a47406124c16
SHA512

035d7ee21c9b4eb446f6030272d75dbec476c474060495e113f1a1d189ab17aa4ab009f4c0152188bdbe9314a8da8730f989f2e9b972fc902fe05f6edbda5176
SSDEEP

3072:AZSQmSLLxssVR7Vy+uYNu3GXJotM4s7tb7TLNf4VFGNdTfJhrL9ui8cyOGtjaG8:GSu7VRpyYu2XaWBtbCGvTfPx18cPG9a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b23b2a581b9ef33ad99b5f012ef2046a_JaffaCakes118

Files

b23b2a581b9ef33ad99b5f012ef2046a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45689b25ee1b164708707130752bf62d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AddAccessAllowedAce
AdjustTokenPrivileges
CopySid
CryptHashData
DeregisterEventSource
InitializeSecurityDescriptor
OpenThreadToken
QueryServiceStatus
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteKeyW
RegEnumValueA
RegFlushKey
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueA
RegSetValueExA
RevertToSelf

comctl32

CreatePropertySheetPageW
CreateToolbarEx
DestroyPropertySheetPage
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetIconSize
ImageList_SetImageCount
InitCommonControlsEx
PropertySheetA
PropertySheetW

user32

CallNextHookEx
CallWindowProcA
CloseClipboard
DrawMenuBar
DrawTextA
EmptyClipboard
EnableMenuItem
EnableWindow
GetCapture
GetClientRect
GetDCEx
GetMenuState
GetMessageA
GetSysColor
GetSystemMenu
GetWindowTextA
InflateRect
InsertMenuItemA
IntersectRect
RegisterClassA
RegisterClipboardFormatA
ReleaseCapture
ReleaseDC
SendMessageA
SetClassLongA
SetWindowsHookExA
TranslateMessage
UnhookWindowsHookEx

shell32

DoEnvironmentSubstW
DragQueryFile
ExtractIconA
ExtractIconW
FindExecutableW
SHAddToRecentDocs
SHBrowseForFolderW
SHChangeNotify
SHFileOperationW
SHGetFolderPathA
SHGetMalloc
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
ShellExecuteA
ShellExecuteEx
ShellExecuteExA
ShellExecuteW
Shell_NotifyIconW

gdi32

AddFontResourceA
Chord
CloseEnhMetaFile
CreateBrushIndirect
CreateDCA
CreateDCW
CreatePenIndirect
Escape
ExtCreatePen
ExtFloodFill
FillPath
GetBrushOrgEx
GetDIBColorTable
GetEnhMetaFileDescriptionA
GetMapMode
GetViewportOrgEx
LineTo
OffsetRgn
Pie
PtInRegion
ScaleViewportExtEx
SetDIBitsToDevice
SetMapperFlags
SetPixel
StretchDIBits
TranslateCharsetInfo

kernel32

FindResourceW
FlushFileBuffers
GetDiskFreeSpaceA
GetDriveTypeA
GetFileSize
GetModuleFileNameA
GetSystemDefaultLCID
GetSystemDirectoryW
GlobalDeleteAtom
GlobalFindAtomA
HeapAlloc
HeapSize
IsDBCSLeadByte
MulDiv
OpenProcess
SetFileAttributesA
SetHandleCount
UnmapViewOfFile
WaitForSingleObject

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45689b25ee1b164708707130752bf62d

Headers

File Characteristics

Imports

advapi32

comctl32

user32

shell32

gdi32

kernel32

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 98KB - Virtual size: 97KB

.rsrc Size: 22KB - Virtual size: 140KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 98KB - Virtual size: 97KB

.rsrc
Size: 22KB - Virtual size: 140KB