b7efbe88d073c963d4b182ee080dd181_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b7efbe88d073c963d4b182ee080dd181_JaffaCakes118
Size

95KB
MD5

b7efbe88d073c963d4b182ee080dd181
SHA1

8302f96219484bbe690469a745626f8af7949c9a
SHA256

7aa151e0a96c7fcec5783ddb18b98f3a3d4cbc3dba91b1e7cbf44b839ada656a
SHA512

e0217e4d536a24a591f8e9b7c45f6c236541501be33a9b856ba6b35dc412167cdc9b1742ce9653ea9777406d4fe0f4003c181d9f57599aec7de188f056823720
SSDEEP

1536:G24lgTXxmu34jaw3umNq2guwmmsV7bK/b+9fI31tY7EDnzMY8mxHPG23jHxSqy73:I2bwu3HANtgug2mj+9w4EDnzGIZVyIVo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7efbe88d073c963d4b182ee080dd181_JaffaCakes118

Files

b7efbe88d073c963d4b182ee080dd181_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ce496322c16ad14ddb96193517648a9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetUserDefaultLCID
Sleep
OpenProcess
GetCPInfo
GetVersion
GlobalFree
GetACP
GetDateFormatA
DeleteFileW
IsValidCodePage
GetStringTypeA
IsBadCodePtr
WritePrivateProfileStringA
GetTickCount
QueryPerformanceCounter
DuplicateHandle
UnhandledExceptionFilter
FindClose
ExitProcess
VirtualAllocEx
GetOEMCP
DisableThreadLibraryCalls
GetCurrentDirectoryA
GetStartupInfoA

shell32

ExtractIconExA
ShellExecuteW
SHGetDesktopFolder
SHGetPathFromIDListW
DragFinish
ShellExecuteA
DragAcceptFiles
SHGetPathFromIDList

advapi32

RegEnumValueW
SetSecurityDescriptorDacl
CryptGenRandom
RegSetValueExA
AddAccessAllowedAce
RegDeleteKeyA
InitializeSecurityDescriptor
CopySid

msvcrt

strlen
vsprintf
malloc
iswspace
_getch
calloc
localeconv
strcspn
puts

comctl32

ImageList_SetIconSize
DestroyPropertySheetPage
ImageList_GetIcon
ImageList_SetImageCount
ImageList_Create
InitCommonControls
CreateStatusWindowA
ImageList_DrawEx
CreatePropertySheetPageA

gdi32

SetBrushOrgEx
GetCharWidthA
TextOutA
CreateRoundRectRgn
Escape
CreateDCW
GetOutlineTextMetricsA
PlayMetaFileRecord
SetViewportExtEx
CreateBrushIndirect
GetBkMode
GetTextFaceW
SetROP2
PolyDraw
CreateEnhMetaFileA
GetViewportExtEx
SetViewportOrgEx
CreateRectRgn

user32

EndPaint
ShowCursor
SendDlgItemMessageA
GetWindowRect
UpdateWindow
wsprintfA
SetWindowTextA
GetSysColor

oleaut32

SafeArrayGetElement
SysFreeString
GetActiveObject
SafeArrayPtrOfIndex
VariantInit
SafeArrayCreate
SysStringByteLen
SysReAllocStringLen
LoadTypeLib
SetErrorInfo

ole32

CoRegisterMessageFilter
CreateStreamOnHGlobal
StringFromCLSID
DoDragDrop
CoGetInterfaceAndReleaseStream
CoCreateInstance
StgOpenStorageOnILockBytes
StgOpenStorage

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce496322c16ad14ddb96193517648a9a

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

msvcrt

comctl32

gdi32

user32

oleaut32

ole32

Sections

.text Size: 50KB - Virtual size: 50KB

.data Size: 29KB - Virtual size: 29KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 50KB - Virtual size: 50KB

.data
Size: 29KB - Virtual size: 29KB

.rsrc
Size: 14KB - Virtual size: 14KB