bcbf7b2276de24704422215f5a5903a4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bcbf7b2276de24704422215f5a5903a4_JaffaCakes118
Size

145KB
MD5

bcbf7b2276de24704422215f5a5903a4
SHA1

e4e439b6455e7c5cc819819fe2eb208073b0f1e1
SHA256

2bd023e5583ef82575533be1b71651d78b1d343a923cf96ea7660b4a20075e77
SHA512

e1106d5a205d8a2e64c5caaeaddc231dcf1bf24f24cec899e84575e66e4117f6333037730f971121155932cb6a20f256aaf2230ad4d3dac1aaa9ba2077c59014
SSDEEP

3072:xsalZ/5r+x2Hd1ibNpbZuOvaw69Tq/dR7sH6Qoka3iD:lr+xsdCLuOvRSOFJsH6fkau

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bcbf7b2276de24704422215f5a5903a4_JaffaCakes118

Files

bcbf7b2276de24704422215f5a5903a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

63bab19a7177fd6098758d854f8d05f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

__setusermatherr
log10
_isctype
__p__fmode
iswdigit
_acmdln
exit
_controlfp
atol
gmtime
_adjust_fdiv
__set_app_type
_except_handler3
__p__commode
_XcptFilter
__getmainargs
_initterm
memmove
_c_exit
fputc

kernel32

RaiseException
GetTempPathW
SetThreadLocale
GetPrivateProfileStringA
GetLocaleInfoA
DuplicateHandle
GetDriveTypeA
LocalAlloc
VirtualProtect
GlobalAlloc
lstrcmpA
GetModuleHandleA
GetSystemDirectoryA
GetStartupInfoA
QueryPerformanceCounter

oleaut32

SysFreeString
SysStringLen
VariantCopyInd
LoadTypeLib
SafeArrayCreate
VariantInit
VariantCopy
GetErrorInfo

comctl32

CreateStatusWindowA
ImageList_GetIconSize
ImageList_Destroy
CreateToolbarEx

ole32

ReleaseStgMedium
CreateILockBytesOnHGlobal
IsAccelerator
StgCreateDocfileOnILockBytes
RevokeDragDrop
CoLoadLibrary
StgOpenStorageOnILockBytes
CoCreateInstance
ProgIDFromCLSID
CoRegisterClassObject
OleUninitialize
CreateBindCtx
CoFreeUnusedLibraries

shell32

SHBrowseForFolder
Shell_NotifyIconA
SHBrowseForFolderW
ShellExecuteExA
SHBrowseForFolderA
SHGetDesktopFolder
DoEnvironmentSubstW
SHGetMalloc
DragFinish

version

VerInstallFileW
VerQueryValueA
GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoSizeA

user32

GetMenu
SendDlgItemMessageA
CharLowerA
GetWindowRect
MessageBoxA
GetKeyboardType
FindWindowA
GetDC
SetActiveWindow
EmptyClipboard
GetScrollInfo
DestroyCursor

gdi32

RoundRect
GetDIBColorTable
CreateHalftonePalette
GetTextFaceW
GetTextMetricsA
ExtTextOutA
PolyBezierTo
SetColorAdjustment
ExcludeClipRect

advapi32

OpenProcessToken
RegDeleteValueA
CopySid
DeleteService
RegQueryInfoKeyA
RevertToSelf

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63bab19a7177fd6098758d854f8d05f5

Headers

File Characteristics

Imports

msvcrt

kernel32

oleaut32

comctl32

ole32

shell32

version

user32

gdi32

advapi32

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 18KB - Virtual size: 39KB

.rsrc Size: 107KB - Virtual size: 106KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 18KB - Virtual size: 39KB

.rsrc
Size: 107KB - Virtual size: 106KB