bad97578e2b592e8c83e267ee99bb938_JaffaCakes118

General

Target

bad97578e2b592e8c83e267ee99bb938_JaffaCakes118
Size

162KB
MD5

bad97578e2b592e8c83e267ee99bb938
SHA1

1c1664c3ad42179e9381aed79edbd91b76832b70
SHA256

73e00f4d76c3c94251835ddef5716d1f9e3a53becb0aa1bd8653b9d650a2d84d
SHA512

74a1afc3231b89c0af4dda1b72aadbea8ae2d552be1f276440cab7b8a294bf5cbe52b2e4fb563e426cb11edcef64aebf96e54828164002ba83bcb37e28406f9d
SSDEEP

3072:HOl7ZzoBiTY7qGC7GHxZE9hI4gi7I/ESjT/dxoUgHQP6FWfsLuwAW7Wjc1F:6tY7qbjwf/dxYHw4WfKuwAS1F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bad97578e2b592e8c83e267ee99bb938_JaffaCakes118

Files

bad97578e2b592e8c83e267ee99bb938_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b32b01acda90c426a270b2a436e9904f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
GetStringTypeExA
GetModuleHandleA
GetLocaleInfoA
WriteConsoleA
DeviceIoControl
GetFullPathNameA
GetStartupInfoA
GetTempFileNameA
GlobalHandle
GetVersionExW

user32

GetScrollPos
DrawEdge
IsDialogMessageA
IsWindowEnabled
GetDC
SetRect
GetSysColor
SetCursor

msvcrt

log10
exit
_adjust_fdiv
__setusermatherr
__getmainargs
_except_handler3
_initterm
atof
srand
_acmdln
strcpy
_XcptFilter
__initenv
_open_osfhandle
strchr
__set_app_type
__p__commode
__p__fmode
bsearch
putchar

comctl32

ImageList_GetIcon
CreateToolbarEx
ImageList_Add
InitCommonControls
ImageList_Write
ImageList_Remove

oleaut32

SysStringLen
SafeArrayCreate
SafeArrayRedim
GetActiveObject

ole32

StringFromIID
OleSetMenuDescriptor
DoDragDrop
CoCreateInstance
CreateItemMoniker
CoTaskMemRealloc
CLSIDFromProgID

advapi32

CryptHashData
QueryServiceStatus
CryptReleaseContext
RegOpenKeyW
RegQueryValueExW
RegQueryInfoKeyW
SetSecurityDescriptorDacl
RegEnumKeyW
RegEnumValueW
SetSecurityDescriptorGroup

shell32

SHChangeNotify
DoEnvironmentSubstW
ShellExecuteW
DragQueryFileA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b32b01acda90c426a270b2a436e9904f

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

comctl32

oleaut32

ole32

advapi32

shell32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 150KB - Virtual size: 150KB

.data Size: 6KB - Virtual size: 6KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 150KB - Virtual size: 150KB

.data
Size: 6KB - Virtual size: 6KB