b7a6c4504d00404c34bbc91aae9a1dcc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b7a6c4504d00404c34bbc91aae9a1dcc_JaffaCakes118
Size

83KB
MD5

b7a6c4504d00404c34bbc91aae9a1dcc
SHA1

536ffae7b36877452e543338751762bcce92c68b
SHA256

e10f3ddb9460d003c5c66c01e3eddcdb1308346f380e3b1584cd735d91802366
SHA512

daf91b3838fee1513919df52dbb23a9d5c6b9e01a5392016939e31324cabd576d17041b01ddccaad614f04713630ef98242ba9ede212bd8249d6992747066170
SSDEEP

1536:yuDjU3Br7YjEto66oluURrqw04D8Unv1dbriN0TX2WLpHD:bM3Br7FyxURWZ4D8Uv1Jm4mWNH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7a6c4504d00404c34bbc91aae9a1dcc_JaffaCakes118

Files

b7a6c4504d00404c34bbc91aae9a1dcc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c6464dc23b012bae7b6538c946f5ba07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

EnableMenuItem
FrameRect
SetWindowPos
GetSysColor
GetSysColorBrush
EqualRect
EnumWindows
GetSubMenu
PostQuitMessage
UnhookWindowsHookEx
GetMessageA
SetWindowTextA
GetScrollPos

kernel32

SetUnhandledExceptionFilter
GetTickCount
InterlockedExchange
GetTempPathA
VirtualAllocEx
GetTimeZoneInformation
GetOEMCP
GetACP
GetSystemTime
RtlUnwind
FileTimeToSystemTime
GetStartupInfoA
GetCurrentProcessId
QueryPerformanceCounter
ExitProcess
GetThreadLocale
GetFileAttributesA

gdi32

CreateICW
DPtoLP
GetMapMode
SetViewportExtEx
ExcludeClipRect
CreateCompatibleBitmap
CopyEnhMetaFileA
SelectClipPath
FillRgn

ole32

CoInitialize
CoCreateInstance
StringFromGUID2
StgOpenStorage
CoInitializeSecurity
CoTaskMemRealloc
CoRevokeClassObject
OleRun
DoDragDrop

advapi32

RegCreateKeyExW
CryptHashData
GetSecurityDescriptorDacl
CheckTokenMembership
AdjustTokenPrivileges
GetUserNameA
RegQueryValueExW
RegCreateKeyA
FreeSid
QueryServiceStatus

msvcrt

signal
_mbscmp
raise
strncpy
_lock
_fdopen
strcspn
__initenv
fflush
puts
_flsbuf
_strdup
iswspace
strlen
fprintf
_CIpow
__getmainargs
__setusermatherr

comctl32

CreatePropertySheetPageA
ImageList_LoadImageW
ImageList_DragEnter
ImageList_ReplaceIcon
InitCommonControls
ImageList_DrawEx
ImageList_Destroy
ImageList_LoadImageA
ImageList_GetIconSize
ImageList_GetIcon
ImageList_SetIconSize
ImageList_Write
ImageList_GetBkColor

shell32

DragQueryFileW
ShellExecuteW
CommandLineToArgvW
SHGetPathFromIDList
ExtractIconExW
DragAcceptFiles
ShellExecuteEx
DoEnvironmentSubstW
SHBrowseForFolderA
DragQueryFileA
ExtractIconW

oleaut32

SafeArrayCreate
VariantCopy
SafeArrayUnaccessData
SafeArrayRedim
SysReAllocStringLen
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6464dc23b012bae7b6538c946f5ba07

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ole32

advapi32

msvcrt

comctl32

shell32

oleaut32

Sections

.text Size: 34KB - Virtual size: 33KB

.data Size: 42KB - Virtual size: 42KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 34KB - Virtual size: 33KB

.data
Size: 42KB - Virtual size: 42KB

.rsrc
Size: 6KB - Virtual size: 5KB