b6fdb2e6819137d92fdb6127d1c0ba58_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b6fdb2e6819137d92fdb6127d1c0ba58_JaffaCakes118
Size

212KB
MD5

b6fdb2e6819137d92fdb6127d1c0ba58
SHA1

9df123676d70f2f0f4e2ed8dfa57865f54916a01
SHA256

088a93ced3269ce9742a2be141c1a9265c5ed820f2d16dbd60485a3d7d6faf8d
SHA512

eca296ce965415efeeba821303812d18a292684bdcbdfaf49413d55bd8b7ae28ad020c759ef296d21d584b6eb4d3de7da687bfc92d98b89dc4d9242ed8e76829
SSDEEP

3072:Unl6ElkARO8STi/ar+Y48Lw2S1uiWSuXKOMbqWyb2n4vKm67:Un8E+ARO8cuarHU1uHSeZWw24vKf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6fdb2e6819137d92fdb6127d1c0ba58_JaffaCakes118

Files

b6fdb2e6819137d92fdb6127d1c0ba58_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3280dd3427aaee9b1cde9d2a79fe7e6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

OleLoadPicture

gdi32

CreatePalette

ole32

CreateBindCtx
OleCreateStaticFromData
CreateOleAdviseHolder
WriteClassStm
StgCreateDocfileOnILockBytes
CoCreateFreeThreadedMarshaler
CreateBindCtx

msvcrt

mbstowcs
exp

version

VerFindFileA
VerQueryValueA

user32

GetWindowLongA
GetKeyboardType
GetMessagePos
GetLastActivePopup
GetSubMenu
GetMenuItemCount
GetWindow
GetMenu
GetSystemMenu
GetSysColor
GetKeyboardLayoutList
GetKeyNameTextA
GetScrollPos
GetMenuItemID
GetWindowDC
GetPropA
GetSysColorBrush
GetMenuStringA
GetTopWindow
GetMenuItemInfoA
GetKeyboardLayout
GetIconInfo
GetKeyboardLayoutNameA
GetWindowLongW
GetMenuState
GetScrollRange
GetScrollInfo
GetKeyState
GetKeyboardState
GetParent

advapi32

GetLengthSid
RegEnumKeyExA

shell32

SHGetSpecialFolderLocation
SHGetFileInfoA
Shell_NotifyIconA
DragQueryFileA
SHGetDiskFreeSpaceA

comctl32

ImageList_Destroy

kernel32

LoadLibraryExA
GetVersionExA
ExitThread
ExitProcess
VirtualAllocEx
GlobalAlloc
GetCommandLineA
GetModuleHandleA
GetACP
LoadLibraryA
GetLastError
IsBadReadPtr
GetProcAddress
IsBadHugeReadPtr

comdlg32

GetOpenFileNameA
FindTextA

shlwapi

SHGetValueA
SHSetValueA

Sections

CODE
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1015B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3280dd3427aaee9b1cde9d2a79fe7e6b

Headers

File Characteristics

Imports

oleaut32

gdi32

ole32

msvcrt

version

user32

advapi32

shell32

comctl32

kernel32

comdlg32

shlwapi

Sections

CODE Size: 172KB - Virtual size: 169KB

.rdata Size: 4KB - Virtual size: 1015B

.data Size: 4KB - Virtual size: 81KB

DATA Size: 4KB - Virtual size: 2KB

.gdata Size: 8KB - Virtual size: 7KB

.hdata Size: 8KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 7KB

CODE
Size: 172KB - Virtual size: 169KB

.rdata
Size: 4KB - Virtual size: 1015B

.data
Size: 4KB - Virtual size: 81KB

DATA
Size: 4KB - Virtual size: 2KB

.gdata
Size: 8KB - Virtual size: 7KB

.hdata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 7KB