Static task: static1
Behavioral task: behavioral1
Sample: c084831040cf8b48193dda7d4933044a_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: c084831040cf8b48193dda7d4933044a_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: c084831040cf8b48193dda7d4933044a_JaffaCakes118
Size: 147KB
MD5: c084831040cf8b48193dda7d4933044a
SHA1: c38e5bd3eb7587255ebeb4e989c58232d7c2976d
SHA256: 46d74957449b786982bbbab0ad48e03cb85570d1edb5a1b7abd86429006d99ce
SHA512: f76d12d84854e2d231510c69d467d40a1b4a372f71bce2e505a32b614d467e097ee41fe0e80dc9a9cb84d065d51d5a3d7534cb723d0cfd345e8b69692278bd85
SSDEEP: 3072:sWBf9HzSB0IOLuppoKB/r61VgVGXgfax0nrMC0Hpaw6p:Rf9Hzw0InpKKPIXC0EQNHpG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c084831040cf8b48193dda7d4933044a_JaffaCakes118
Files
c084831040cf8b48193dda7d4933044a_JaffaCakes118.exe windows:5 windows x86 arch:x86
e99ae055488371b6f8aa99154a457dbe
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetLastError
IsBadWritePtr
VirtualAlloc
VirtualProtect
GetModuleHandleA
MultiByteToWideChar
SetFileTime
GetStartupInfoA
GetStringTypeW
GetCurrentProcess
FileTimeToLocalFileTime
msvcrt
__setusermatherr
log
_XcptFilter
_initterm
_acmdln
__set_app_type
__p__fmode
_amsg_exit
memmove
_except_handler3
exit
__p__commode
sscanf
wcsstr
strtoul
__getmainargs
_fstat
_strcmpi
_adjust_fdiv
user32
GetKeyState
InsertMenuItemA
GetCursorPos
GetWindowRect
PeekMessageA
GetWindowLongA
WinHelpA
OpenClipboard
RemoveMenu
gdi32
OffsetWindowOrgEx
CreateICW
SetDIBColorTable
SelectClipRgn
SetMapperFlags
GetTextExtentPointW
DPtoLP
CopyEnhMetaFileA
ole32
CoLoadLibrary
CoGetClassObject
CoGetMalloc
ProgIDFromCLSID
CoRevokeClassObject
CoRegisterClassObject
CoCreateGuid
CoTaskMemAlloc
CoGetInterfaceAndReleaseStream
StringFromCLSID
PropVariantClear
advapi32
GetTokenInformation
CryptGenRandom
RegEnumValueW
RevertToSelf
OpenProcessToken
LookupPrivilegeValueW
RegCloseKey
RegEnumKeyW
RegDeleteKeyA
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
RegSetValueExA
CryptReleaseContext
shell32
SHAddToRecentDocs
SHBrowseForFolderW
ShellExecuteExW
SHGetSettings
comctl32
ImageList_AddMasked
CreatePropertySheetPageW
ImageList_GetBkColor
PropertySheetA
ImageList_SetDragCursorImage
CreateStatusWindowA
ImageList_SetOverlayImage
InitCommonControls
oleaut32
VariantCopyInd
VariantCopy
SafeArrayPtrOfIndex
GetErrorInfo
SafeArrayPutElement
LoadTypeLib
SetErrorInfo
SafeArrayCreate
version
VerInstallFileW
GetFileVersionInfoA
VerQueryValueA
VerLanguageNameA
VerFindFileW
Sections
.text Size: 63KB - Virtual size: 63KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 49KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ