Static task: static1
Behavioral task: behavioral1
Sample: b23b6f8f2817293fbda894352054d078_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: b23b6f8f2817293fbda894352054d078_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b23b6f8f2817293fbda894352054d078_JaffaCakes118
Size: 117KB
MD5: b23b6f8f2817293fbda894352054d078
SHA1: 9af3b7f604538e97dd7ef300c100592a716a1012
SHA256: 892b72ce662972b6a27f5888ebcade46bd4a064868aef288be30f3b08209e67a
SHA512: d3184f87c56951b7102521285c896f3bf6a935bba2c81ca60f1f14f18a66f1cf0f67a1050d7ae6c2e50a5893dbc7539d237e607533cda2de96012c8f72e944a0
SSDEEP: 3072:WMoIV1PwV2TQTlCavExhAU9lqquZQxy7soOyqDYxAdk:WMLPwgZsEvAUbqbZQxy9dxd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b23b6f8f2817293fbda894352054d078_JaffaCakes118
Files
b23b6f8f2817293fbda894352054d078_JaffaCakes118.exe windows:5 windows x86 arch:x86
275261564451043fab58f99383bb9c03
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
FreeEnvironmentStringsW
LocalAlloc
GetStartupInfoA
GlobalUnlock
VirtualFree
GetPrivateProfileStringA
SetErrorMode
GetSystemDirectoryW
MultiByteToWideChar
GetCommandLineW
CompareStringA
IsBadWritePtr
VirtualProtect
DuplicateHandle
SetFileAttributesA
msvcrt
__dllonexit
_onexit
_XcptFilter
log
__p__fmode
exit
fgets
__set_app_type
__getmainargs
_strcmpi
_strlwr
_ismbblead
_adjust_fdiv
strpbrk
_controlfp
_initterm
_acmdln
_except_handler3
__p__commode
__setusermatherr
oleaut32
VariantCopy
SysStringByteLen
SetErrorInfo
SysFreeString
GetActiveObject
VariantClear
SafeArrayGetElement
LoadTypeLib
SysReAllocStringLen
SysAllocStringLen
SafeArrayRedim
VariantCopyInd
user32
GetWindowLongA
GetSystemMetrics
EndDialog
ShowOwnedPopups
LoadStringA
GetMenuItemID
GetClassInfoA
DestroyWindow
RedrawWindow
IsIconic
PeekMessageA
IsWindow
GetSubMenu
LoadBitmapA
GetDlgItem
ole32
RevokeDragDrop
CoRegisterClassObject
IIDFromString
CreateBindCtx
DoDragDrop
CoCreateGuid
CoInitializeSecurity
CoLoadLibrary
shell32
ShellExecuteExA
SHGetPathFromIDListW
ExtractAssociatedIconW
SHFileOperationA
gdi32
StretchBlt
GetWinMetaFileBits
CreateFontA
GetCharWidthA
DPtoLP
GetBkColor
GetEnhMetaFileDescriptionA
comctl32
ImageList_SetBkColor
ImageList_Draw
ImageList_ReplaceIcon
ImageList_LoadImageA
ImageList_SetDragCursorImage
ImageList_Read
ImageList_SetImageCount
ImageList_Write
InitCommonControls
ImageList_Add
ImageList_Create
ImageList_GetImageInfo
version
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerInstallFileW
advapi32
GetTokenInformation
CryptReleaseContext
RevertToSelf
RegDeleteKeyA
QueryServiceStatus
RegEnumKeyW
RegEnumKeyA
CryptGenRandom
RegSetValueExA
OpenThreadToken
RegDeleteValueW
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 105KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ