be7b8b84751edadc73f7438526dfd1e9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

be7b8b84751edadc73f7438526dfd1e9_JaffaCakes118
Size

127KB
MD5

be7b8b84751edadc73f7438526dfd1e9
SHA1

1976db505280cf9cd50b01f82c2d259325d29b1c
SHA256

4e6cfb86530c8bc2cbf3adc3d81fa480f0d6b2c062340215f494dcf254bb6529
SHA512

8931a40e74ae6daa28c391efd919860fa1f6b75c7c34d14b0b7748c12867c4b2349e7eb9284173f8cc4bdae10657ae3a77b7ba7c264e96632a665815f86c8f5a
SSDEEP

3072:X+i6NUdVSOM3iPauQzbdKejh9H2JNaQIj5TGqdm3y8B4Yj:XpVSJuQzHuoY3y8BL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be7b8b84751edadc73f7438526dfd1e9_JaffaCakes118

Files

be7b8b84751edadc73f7438526dfd1e9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

935184d88887c3af914dcc15448e96fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_controlfp
remove
__getmainargs
_adjust_fdiv
__set_app_type
__lc_codepage
wcstoul
towupper
exit
__setusermatherr
_except_handler3
_putenv
__p___initenv
_XcptFilter
__p__commode
strcmp
__p__fmode
log10
_isctype
_initterm
_mbsrchr
_acmdln
wcschr

kernel32

WaitForSingleObject
GetVersion
GetLocaleInfoA
GetSystemInfo
GetModuleHandleA
GetStartupInfoA
VirtualProtect

gdi32

SetDIBits
SetTextJustification
DeleteMetaFile
GetCurrentPositionEx
SetViewportOrgEx
ExtCreatePen
FrameRgn

advapi32

AdjustTokenPrivileges
CryptGenRandom
InitializeAcl
OpenThreadToken
InitializeSecurityDescriptor
RegEnumKeyExA
RegFlushKey
FreeSid
ControlService
RegCreateKeyExA
RegCreateKeyA
DeregisterEventSource
CryptAcquireContextA

shell32

SHChangeNotify
Shell_NotifyIconW
ShellExecuteExA
DragQueryFile
SHFileOperationA
SHFileOperationW
SHGetDiskFreeSpaceExW
DragQueryFileW

version

GetFileVersionInfoSizeW
GetFileVersionInfoA
VerInstallFileW
VerFindFileW
VerQueryValueA
VerLanguageNameA
VerQueryValueW

user32

OemToCharA
RegisterClipboardFormatA
GetMenuStringA
EnumWindows
RegisterClassA
WindowFromPoint
SetScrollInfo
GetWindowRect
IsIconic
IsZoomed
GetMessagePos
GetCursorPos
SetScrollPos

oleaut32

SafeArrayRedim
GetErrorInfo
VariantCopyInd

comctl32

PropertySheetA
ImageList_LoadImageA
ImageList_DragEnter
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_GetImageInfo
ImageList_Destroy
InitCommonControlsEx
ImageList_GetIconSize
PropertySheetW
ImageList_DrawEx

ole32

RevokeDragDrop
RegisterDragDrop
IIDFromString
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
OleGetClipboard
OleIsCurrentClipboard
CoRevokeClassObject

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

935184d88887c3af914dcc15448e96fe

Headers

File Characteristics

Imports

msvcrt

kernel32

gdi32

advapi32

shell32

version

user32

oleaut32

comctl32

ole32

Sections

.text Size: 18KB - Virtual size: 17KB

.data Size: 17KB - Virtual size: 39KB

.rsrc Size: 91KB - Virtual size: 164KB

.text
Size: 18KB - Virtual size: 17KB

.data
Size: 17KB - Virtual size: 39KB

.rsrc
Size: 91KB - Virtual size: 164KB