bcc3878176aeb93e4d6f6025fdd1244a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bcc3878176aeb93e4d6f6025fdd1244a_JaffaCakes118
Size

152KB
MD5

bcc3878176aeb93e4d6f6025fdd1244a
SHA1

961792ffcf5f0b86b78f1d5e34ba9f5bd4f5a4d4
SHA256

ca085332563fdc0261313842076aecbd3e713b6b10edad14725b4a0a2a4d7c53
SHA512

2ee78b1490215bc5fa00cdbe4bf9684f04abd0a706edff9af686a526c712a2924c3838b41f01f5737b311449bb5b9ae32f9b03410756cfbb27d281b825af165e
SSDEEP

3072:hJtQuhjo3A2g+X7xixXvNHD35hYqmL3nQkFKXUtel5NQTisL3W:hJtno3A2kvND3Di3nQk2U6NQfL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bcc3878176aeb93e4d6f6025fdd1244a_JaffaCakes118

Files

bcc3878176aeb93e4d6f6025fdd1244a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d188c03eea451ecf816932c1d70d2dd0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoA
ExitProcess
IsDebuggerPresent
GetUserDefaultLCID
GetModuleFileNameW
SetHandleCount
GetModuleHandleA
FormatMessageA
WaitForMultipleObjects
GetFileTime
CreateProcessW
VirtualProtect
SetEnvironmentVariableA
LocalFree
SetLastError
GetSystemDirectoryA
InterlockedDecrement

msvcrt

_fullpath
localtime
_wcsnicmp
exit
_filbuf
_acmdln
_adjust_fdiv
_except_handler3
__setusermatherr
_XcptFilter
__p__fmode
__p__commode
_controlfp
__getmainargs
strcpy
_purecall
_initterm
_mbscmp
log10
tolower
__set_app_type

oleaut32

SafeArrayRedim
SafeArrayGetUBound
VariantCopy
SafeArrayPtrOfIndex
SysAllocStringLen
GetErrorInfo

ole32

StringFromGUID2
CreateStreamOnHGlobal
CoInitialize
GetRunningObjectTable
CoFreeUnusedLibraries
CoUninitialize
DoDragDrop
CoTaskMemFree

user32

GetKeyboardType
AdjustWindowRectEx
PostMessageA
DispatchMessageA
GetMenuStringA
DrawIcon
SystemParametersInfoA

shell32

SHFileOperationA
SHGetFileInfo
ShellExecuteA
DoEnvironmentSubstW
FindExecutableW
SHFileOperationW
SHGetFolderPathA
SHGetPathFromIDList
ShellExecuteEx
ExtractIconExA
SHBrowseForFolder
SHBindToParent

gdi32

GetBitmapBits
BitBlt
DeleteEnhMetaFile
CreatePen
ExtFloodFill
GetPaletteEntries
GetTextExtentPointW
SetBrushOrgEx
MaskBlt
SetMetaFileBitsEx
GetEnhMetaFileBits
GetTextAlign
GetTextMetricsA
Polygon

comctl32

ImageList_Add
ImageList_GetBkColor
ImageList_SetImageCount
ImageList_DragShowNolock
ImageList_GetIconSize
ImageList_Read

advapi32

RegEnumKeyExW
RegDeleteKeyA
DeregisterEventSource
AdjustTokenPrivileges
GetSecurityDescriptorDacl
AllocateAndInitializeSid
ControlService
RegEnumValueW

version

VerLanguageNameA
VerQueryValueA
GetFileVersionInfoA
VerFindFileW
GetFileVersionInfoSizeW

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d188c03eea451ecf816932c1d70d2dd0

Headers

File Characteristics

Imports

kernel32

msvcrt

oleaut32

ole32

user32

shell32

gdi32

comctl32

advapi32

version

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 18KB - Virtual size: 38KB

.rsrc Size: 113KB - Virtual size: 113KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 18KB - Virtual size: 38KB

.rsrc
Size: 113KB - Virtual size: 113KB