b5e8161909adfb7fea430c23640d545e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b5e8161909adfb7fea430c23640d545e_JaffaCakes118
Size

137KB
MD5

b5e8161909adfb7fea430c23640d545e
SHA1

3ba25026277bbe6b22b1a6a155f878e3308cd1c9
SHA256

a47af757087ba8b427dd0b323bb979b1767f430a38a94b6ed57470bf3873f109
SHA512

9d1719314af03691bee1081dc45f02c4c2b401998d27502c38ee405e30d6eb32e508400cd0329b5c269e428e667ee079f8cb093b3dd735658b4ed193cbe6f708
SSDEEP

3072:LZ11+XrsdDEbsJbnNHBA3nwqWZqEP8QzKTnmrGsMQF6ksKfMf:NerDYBnJBA3Kq88orGsN6ksf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5e8161909adfb7fea430c23640d545e_JaffaCakes118

Files

b5e8161909adfb7fea430c23640d545e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0935c35040528f19c66044787e6c830

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
RaiseException
LCMapStringA
CreateFileMappingA
GetModuleHandleA
GetFileTime
GetEnvironmentStrings
IsBadWritePtr
GetStartupInfoA
DeleteFileW
GetTempPathA
GetTempFileNameA
LocalFree
GetConsoleMode

msvcrt

__dllonexit
__setusermatherr
exit
memmove
strstr
_controlfp
atexit
__p__commode
_itow
_initterm
_XcptFilter
_adjust_fdiv
wcsncmp
_acmdln
__getmainargs
log10
__p__fmode
fgetpos
__set_app_type
_c_exit
_close
_except_handler3

version

VerInstallFileW
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoA
VerInstallFileA
VerLanguageNameA
VerFindFileW

comctl32

CreateStatusWindowA
InitCommonControls
ImageList_DragEnter
CreatePropertySheetPageW
ImageList_SetOverlayImage
ImageList_GetBkColor
ImageList_Create
ImageList_DrawEx
ImageList_SetImageCount
ImageList_Draw
ImageList_Add
ImageList_Replace

shell32

SHGetSpecialFolderPathA
SHCreateDirectoryExA
DragQueryFileW
SHGetDiskFreeSpaceExW
SHFileOperationW
SHGetSettings
ShellExecuteExA

user32

CallWindowProcA
GetForegroundWindow
RegisterClassA
IsWindowEnabled
CloseClipboard
SetPropA
SetMenu
ReleaseCapture
SystemParametersInfoA
GetIconInfo
SetWindowPos
DrawMenuBar
GetMenuState
GetSubMenu

gdi32

GetROP2
SetWindowOrgEx
GetObjectType
GetTextFaceW
CloseEnhMetaFile
SetWinMetaFileBits
TextOutW
GdiFlush
BeginPath

oleaut32

CreateErrorInfo
GetErrorInfo
SysReAllocStringLen
SysAllocStringLen
SafeArrayPutElement
SafeArrayPtrOfIndex
GetActiveObject

ole32

IsAccelerator
CoTaskMemAlloc
CoTaskMemRealloc
OleFlushClipboard
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
RegisterDragDrop

advapi32

GetLengthSid
RegSetValueExW
RegQueryInfoKeyA
RegDeleteKeyW
AllocateAndInitializeSid
CryptCreateHash

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c0935c35040528f19c66044787e6c830

Headers

File Characteristics

Imports

kernel32

msvcrt

version

comctl32

shell32

user32

gdi32

oleaut32

ole32

advapi32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 17KB - Virtual size: 40KB

.rsrc Size: 99KB - Virtual size: 176KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 17KB - Virtual size: 40KB

.rsrc
Size: 99KB - Virtual size: 176KB