Static task: static1
Behavioral task: behavioral1
Sample: b5f9b1a95debb529a64777411241fc76_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: b5f9b1a95debb529a64777411241fc76_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b5f9b1a95debb529a64777411241fc76_JaffaCakes118
Size: 82KB
MD5: b5f9b1a95debb529a64777411241fc76
SHA1: eb42dcac8095566a4ec4f082a3111a02bb53388f
SHA256: 7947acad862a0f366a01c650ead26f21c664a8f542cb389854e02f198ad7bbcd
SHA512: b725b893f5ebd67be10785777fa8aee66b9ff03b3738b2fac39c5826491ba4f8537a33d8f67ba4c23cb31a539e341a4660df319418e8a421e26547d8101e71d6
SSDEEP: 1536:bWtalcJ+BhL5IULqDFecEnR6Cv/YT631DMEPwISWWv9sLUcHkmCcrDR3Isp:b3f5+D0c0kK/TMgwISt16YIRIs
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b5f9b1a95debb529a64777411241fc76_JaffaCakes118
Files
b5f9b1a95debb529a64777411241fc76_JaffaCakes118.exe windows:5 windows x86 arch:x86
a1633b38d95a424255a0f7bbd6bc4681
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
FrameRect
PostQuitMessage
GetMessageA
SetWindowTextA
GetScrollPos
EnableMenuItem
GetSubMenu
UnhookWindowsHookEx
SetWindowPos
GetSysColor
EqualRect
EnumWindows
GetSysColorBrush
kernel32
GetThreadLocale
GetCurrentProcessId
ExitProcess
GetFileAttributesA
GetSystemTime
FileTimeToSystemTime
RtlUnwind
SetUnhandledExceptionFilter
VirtualAllocEx
GetACP
InterlockedExchange
GetTempPathA
QueryPerformanceCounter
GetTimeZoneInformation
GetStartupInfoA
gdi32
CreateCompatibleBitmap
ExcludeClipRect
FillRgn
GetMapMode
CreateICW
DPtoLP
SetViewportExtEx
SelectClipPath
CopyEnhMetaFileA
ole32
OleRun
CoInitialize
CoTaskMemRealloc
CoRevokeClassObject
DoDragDrop
CoCreateInstance
StringFromGUID2
StgOpenStorage
CoInitializeSecurity
advapi32
GetSecurityDescriptorDacl
RegCreateKeyExW
QueryServiceStatus
CheckTokenMembership
FreeSid
RegQueryValueExW
CryptHashData
GetUserNameA
RegCreateKeyA
AdjustTokenPrivileges
msvcrt
signal
__getmainargs
iswspace
_mbscmp
raise
__initenv
puts
_flsbuf
fflush
__setusermatherr
strncpy
_CIpow
fprintf
_strdup
_lock
strlen
_fdopen
strcspn
comctl32
ImageList_Destroy
InitCommonControls
ImageList_LoadImageA
ImageList_GetIconSize
ImageList_DragEnter
ImageList_Write
CreatePropertySheetPageA
ImageList_DrawEx
ImageList_GetIcon
ImageList_GetBkColor
ImageList_SetIconSize
ImageList_LoadImageW
ImageList_ReplaceIcon
shell32
DragAcceptFiles
CommandLineToArgvW
DoEnvironmentSubstW
DragQueryFileW
ExtractIconExW
ShellExecuteEx
SHBrowseForFolderA
DragQueryFileA
ShellExecuteW
SHGetPathFromIDList
ExtractIconW
oleaut32
SafeArrayUnaccessData
SafeArrayRedim
SafeArrayCreate
SafeArrayPtrOfIndex
VariantCopy
SysReAllocStringLen
SafeArrayPutElement
SafeArrayGetUBound
Sections
.text Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE