bb35c7c91c41240930091d8f61b26ad5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bb35c7c91c41240930091d8f61b26ad5_JaffaCakes118
Size

99KB
MD5

bb35c7c91c41240930091d8f61b26ad5
SHA1

5a7dd91c62557a354f040dd228c10cb889a4718b
SHA256

2787b3714e25eeb5400f51670471c36bc83c3afa57e2cf5c2f42c15d43fbd0f2
SHA512

a5e11dfabbf3acb9914e933d3bdf708ec03cf6922ed7a244470de515d0041e4f4f043247070b76ec6635304d741664fcb0150de0357229ff7bf4d75c3bab6a1d
SSDEEP

1536:p7jL391i9P8+3QXy29F2K+HRtwgqHm6sgsnc5njE+8aUZlnXZ:pj69PVAXZ9zi8pOZc5naaGlJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb35c7c91c41240930091d8f61b26ad5_JaffaCakes118

Files

bb35c7c91c41240930091d8f61b26ad5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31c683d2a7e2f70e9d88d2ac5c4c4b2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetFileTime
GetStartupInfoA
GetCPInfo
LocalFree
GetVersionExA
VirtualProtect
GetTempPathW
GetACP
IsBadReadPtr
RemoveDirectoryA

user32

UnhookWindowsHookEx
DestroyMenu
SetCapture
PeekMessageA
WindowFromPoint
CreateMenu
IsWindow
EmptyClipboard
ScrollWindow
GetMenuItemCount
GetDlgItem
ScreenToClient
CreateWindowExA
IntersectRect
RegisterClipboardFormatA
WaitMessage
GetSysColor
CharLowerA

msvcrt

__p__commode
_except_handler3
_initterm
_unlink
ungetc
wcscat
_XcptFilter
malloc
strcat
_adjust_fdiv
__p__fmode
getenv
exit
__getmainargs
__set_app_type
sqrt
__setusermatherr
wcstoul
_acmdln

comctl32

ImageList_Replace
CreateToolbarEx
ImageList_SetOverlayImage
CreatePropertySheetPageW
ImageList_DragEnter
ImageList_SetIconSize
ImageList_GetIcon
ImageList_DragShowNolock
ImageList_Create
InitializeFlatSB

oleaut32

VariantCopy
SetErrorInfo
GetActiveObject
SysStringLen
CreateErrorInfo
SysFreeString
SysAllocStringByteLen
VariantInit
LoadTypeLib
GetErrorInfo

advapi32

EqualSid
InitializeAcl
RegDeleteKeyA
IsValidSid
GetSecurityDescriptorDacl
InitiateSystemShutdownA
RegEnumKeyExA
OpenSCManagerW
SetSecurityDescriptorDacl
OpenServiceW

shell32

ExtractIconW
SHGetSpecialFolderPathW
SHGetDiskFreeSpaceExW
SHCreateDirectoryExW
SHGetPathFromIDListW
SHGetPathFromIDList
CommandLineToArgvW
SHGetMalloc

ole32

CoInitializeEx
DoDragDrop
RevokeDragDrop
CLSIDFromString
CoGetInterfaceAndReleaseStream
CreateStreamOnHGlobal
GetRunningObjectTable
CoRegisterClassObject
CoReleaseMarshalData

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31c683d2a7e2f70e9d88d2ac5c4c4b2e

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

comctl32

oleaut32

advapi32

shell32

ole32

Sections

.text Size: 69KB - Virtual size: 68KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 69KB - Virtual size: 68KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 25KB - Virtual size: 25KB