Static task: static1
Behavioral task: behavioral1
Sample: b6eb2c3c02f9af88929e6c29430ec997_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: b6eb2c3c02f9af88929e6c29430ec997_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b6eb2c3c02f9af88929e6c29430ec997_JaffaCakes118
Size: 429KB
MD5: b6eb2c3c02f9af88929e6c29430ec997
SHA1: 2161367b5fc7695f1b37be3c745162f67735e03f
SHA256: c095944281c6f2d66e3588b5a9c992b8460a8d00523e92f21ad073cd89ab184d
SHA512: 6dbff04ab26b109d30b8d3782deaf49c0b329c19bfe09ab534bcb2ec36ee587d04099e493854cab7a46d52da1958c2ed3d71c860425558632201850fd80916a7
SSDEEP: 3072:piIQ+74VzW0FNIWl8hDUt+lmX87r1Fq9mjS:Qw4s0Hl86SmXWreV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b6eb2c3c02f9af88929e6c29430ec997_JaffaCakes118
Files
b6eb2c3c02f9af88929e6c29430ec997_JaffaCakes118.exe windows:4 windows x86 arch:x86
71888628f799c6c9288389c7ac459641
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32: EnumWindows, SetWindowPos, GetSysColor, GetSubMenu, EnableMenuItem, GetMessageA, PostQuitMessage, SetWindowTextA, UnhookWindowsHookEx, FrameRect, GetSysColorBrush, EqualRect, GetScrollPos
kernel32: GetStartupInfoA, GetFileAttributesA, QueryPerformanceCounter, SetUnhandledExceptionFilter, ExitProcess, GetSystemTime, GetTimeZoneInformation, VirtualAllocEx, GetCurrentProcessId, GetTickCount, FileTimeToSystemTime, RtlUnwind, GetACP, GetOEMCP, GetTempPathA, GetThreadLocale, InterlockedExchange
gdi32: CreateICW, CreateCompatibleBitmap, DPtoLP, GetMapMode, FillRgn, SetViewportExtEx, SelectClipPath, ExcludeClipRect, CopyEnhMetaFileA
ole32: CoInitializeSecurity, CoInitialize, CoRevokeClassObject, CoCreateInstance, DoDragDrop, CoTaskMemRealloc, StringFromGUID2, StgOpenStorage, OleRun
advapi32: RegQueryValueExW, FreeSid, GetSecurityDescriptorDacl, QueryServiceStatus, CryptHashData, RegCreateKeyA, GetUserNameA, CheckTokenMembership, AdjustTokenPrivileges, RegCreateKeyExW
msvcrt: strncpy, __setusermatherr, fflush, signal, _mbscmp, _CIpow, strlen, iswspace, fprintf, strcspn, __getmainargs, _strdup, raise, __initenv, _flsbuf, _fdopen, _lock, puts
comctl32: ImageList_LoadImageW, ImageList_GetBkColor, CreatePropertySheetPageA, ImageList_GetIcon, ImageList_ReplaceIcon, ImageList_SetIconSize, ImageList_DrawEx, ImageList_Write, InitCommonControls, ImageList_DragEnter, ImageList_Destroy, ImageList_LoadImageA, ImageList_GetIconSize
shell32: SHGetPathFromIDList, DoEnvironmentSubstW, ExtractIconExW, ExtractIconW, DragQueryFileW, DragAcceptFiles, ShellExecuteW, CommandLineToArgvW, SHBrowseForFolderA, DragQueryFileA, ShellExecuteEx
oleaut32: SafeArrayUnaccessData, SafeArrayRedim, SafeArrayPutElement, SysReAllocStringLen, SafeArrayGetUBound, VariantCopy, SafeArrayPtrOfIndex, SafeArrayCreate
Sections
.text Size: 37KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 45KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ