c03900693e438eb39bb6a8c96db28ebd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c03900693e438eb39bb6a8c96db28ebd_JaffaCakes118
Size

130KB
MD5

c03900693e438eb39bb6a8c96db28ebd
SHA1

4df37884041c6db3d0696a76171a8ad36751cddc
SHA256

b26a9b586e78844c632c1227d2a829bea96e6ce55a0ea4117ea4cf734ec58bc4
SHA512

4c1bf8e6cc9d18e811d618b05867a907957fa165527c4f004a9a8dd9a2493512570e8ed8f07dd4f1883f7a2a9c70ee7ac97db639e130142518d3edb0c83ca329
SSDEEP

3072:daRPLQVfSPB1GLHywT8mdBqit+Kg7Ykfjt72KJ69YWCQs:ERYO1GPT8mdwC+K+YkfgKJ69TCD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c03900693e438eb39bb6a8c96db28ebd_JaffaCakes118

Files

c03900693e438eb39bb6a8c96db28ebd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3fa67159f57c0121e44d8ede46515f11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

__p__fmode
_getpid
__set_app_type
__setusermatherr
_lseeki64
printf
_adjust_fdiv
fgetpos
_XcptFilter
_vsnwprintf
_purecall
sqrt
_fullpath
log
_initterm
_except_handler3
_acmdln
fclose
_controlfp
exit
__p__commode
__getmainargs

kernel32

GetModuleHandleA
GetStartupInfoA
SetUnhandledExceptionFilter
GetStdHandle
VirtualProtect
WaitForSingleObject
GetLocaleInfoA
ExitProcess
GetVersionExA
CreateDirectoryA
WriteConsoleA

gdi32

SelectClipRgn
GetTextAlign
GetTextExtentExPointW
CreateFontW
FillRgn
StartDocW
SetMapperFlags
CreateMetaFileW
DeleteEnhMetaFile
CreateFontIndirectA
SetWinMetaFileBits
CreateICA

user32

SetActiveWindow
ReleaseDC
GetMenuItemID
CallWindowProcA
SetScrollInfo
IsChild
SystemParametersInfoA
EnumWindows
SetClipboardData
DestroyWindow
GetTopWindow
GetSysColor
DestroyMenu
SetCursor
GetActiveWindow

comctl32

ImageList_Add
ImageList_BeginDrag
PropertySheetW
ImageList_DrawEx
ImageList_DragLeave

shell32

DragFinish
SHGetSpecialFolderPathA
SHGetPathFromIDListA
SHGetFolderPathW
ExtractIconA
SHGetSettings
Shell_NotifyIconW
SHGetFileInfoA
ShellExecuteW
DragQueryFileA
ShellExecuteEx
SHGetPathFromIDListW

ole32

CoReleaseMarshalData
StringFromGUID2
OleInitialize
CoRegisterClassObject
CoCreateInstance
CoInitializeSecurity
CreateILockBytesOnHGlobal
OleGetClipboard

advapi32

GetUserNameA
AddAccessAllowedAce
ControlService
RegOpenKeyExW
GetTokenInformation
RegSetValueExW
CryptDestroyHash
RegQueryValueA
RegOpenKeyExA
RegDeleteValueW
RegSetValueExA
EqualSid

version

GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoSizeW
VerInstallFileA

oleaut32

SafeArrayGetUBound
SafeArrayUnaccessData
CreateErrorInfo
SysAllocStringLen
VariantCopy
SafeArrayPtrOfIndex
GetErrorInfo

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3fa67159f57c0121e44d8ede46515f11

Headers

File Characteristics

Imports

msvcrt

kernel32

gdi32

user32

comctl32

shell32

ole32

advapi32

version

oleaut32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 18KB - Virtual size: 39KB

.rsrc Size: 93KB - Virtual size: 92KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 18KB - Virtual size: 39KB

.rsrc
Size: 93KB - Virtual size: 92KB