Static task
static1
Behavioral task
behavioral1
Sample
b507c937b3b9faf1d4e8593883eac32d_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
b507c937b3b9faf1d4e8593883eac32d_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
b507c937b3b9faf1d4e8593883eac32d_JaffaCakes118
Size
119KB
MD5
b507c937b3b9faf1d4e8593883eac32d
SHA1
4c95bf26b78c8e4209c6df899edd54c60d05c254
SHA256
f686562f85e8219d8ba955cadf46adc6a8b0997b37126b90ccee7673ac915289
SHA512
5b4e655af2b8d9d0db23f249f4a6e538241cedef532814225382c6ac30f22dad6e37c39495475167696b296c0a7198810aff8e986619c89c8342268ca7ff0853
SSDEEP
1536:03+FR+wqcBmbB5jbsdcniIiGumBojd9hH2nX0N2LvAK8p71iyQXXQ2VyPwxwxv/X:G+NKBxbsCiIiGe9VcX0N2LB8F1ihg2w
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b507c937b3b9faf1d4e8593883eac32d_JaffaCakes118
Files
b507c937b3b9faf1d4e8593883eac32d_JaffaCakes118.exe windows:4 windows x86 arch:x86
ce4db09a26e3ff5c1af090df37d57b74
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
GetSysColor
EnableMenuItem
GetSysColorBrush
GetSubMenu
SetWindowTextA
EnumWindows
FrameRect
SetWindowPos
GetScrollPos
PostQuitMessage
EqualRect
GetMessageA
UnhookWindowsHookEx
kernel32
GetACP
QueryPerformanceCounter
GetFileAttributesA
GetOEMCP
GetCurrentProcessId
GetTempPathA
GetTimeZoneInformation
FileTimeToSystemTime
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedExchange
GetTickCount
GetSystemTime
RtlUnwind
VirtualAllocEx
GetThreadLocale
ExitProcess
gdi32
GetMapMode
SelectClipPath
CreateICW
ExcludeClipRect
SetViewportExtEx
CopyEnhMetaFileA
CreateCompatibleBitmap
FillRgn
DPtoLP
ole32
OleRun
DoDragDrop
StringFromGUID2
CoRevokeClassObject
CoInitializeSecurity
CoTaskMemRealloc
CoInitialize
CoCreateInstance
StgOpenStorage
advapi32
GetSecurityDescriptorDacl
CryptHashData
QueryServiceStatus
GetUserNameA
RegQueryValueExW
AdjustTokenPrivileges
CheckTokenMembership
FreeSid
RegCreateKeyA
RegCreateKeyExW
msvcrt
__getmainargs
signal
strncpy
strlen
_CIpow
_flsbuf
_strdup
__initenv
_fdopen
raise
_mbscmp
iswspace
_lock
puts
fprintf
fflush
strcspn
__setusermatherr
comctl32
ImageList_LoadImageW
ImageList_Destroy
InitCommonControls
ImageList_DrawEx
ImageList_LoadImageA
ImageList_DragEnter
ImageList_Write
ImageList_GetBkColor
ImageList_SetIconSize
CreatePropertySheetPageA
ImageList_GetIcon
ImageList_GetIconSize
ImageList_ReplaceIcon
shell32
ShellExecuteEx
DragAcceptFiles
CommandLineToArgvW
DoEnvironmentSubstW
SHGetPathFromIDList
DragQueryFileA
SHBrowseForFolderA
DragQueryFileW
ExtractIconExW
ExtractIconW
ShellExecuteW
oleaut32
SysReAllocStringLen
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayRedim
SafeArrayCreate
VariantCopy
SafeArrayPutElement
SafeArrayUnaccessData
Sections
.text Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 45KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 33KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
efaignh Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE