c7b2674700deb303d6eed7cc1993251a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c7b2674700deb303d6eed7cc1993251a_JaffaCakes118
Size

147KB
MD5

c7b2674700deb303d6eed7cc1993251a
SHA1

ae22010e18457ca7873202f4398e17480bbafd16
SHA256

5938559a46a22c4a59449d1815c7c90661a7efdde094d9db9fd07ca1bd56f0fc
SHA512

f77459141fb4ab7c3eb09c8a497ef6e56f14fc5338e8149fcf35d36b402c462a4730f9484cc79ae88119b96c6d652e43e1913c6a3218a3764b48f1aba9cb1775
SSDEEP

3072:2oHNGHWoBARZR1+yr/CeoLBg4geRsYq3jxFM67D:I8rCtTgtj3jxFv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7b2674700deb303d6eed7cc1993251a_JaffaCakes118

Files

c7b2674700deb303d6eed7cc1993251a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7f78e0ae61b52c58348bfd210ab4baa4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

strcat
_XcptFilter
_wcsnicmp
_adjust_fdiv
remove
_acmdln
strncat
exit
atoi
_except_handler3
fprintf
_controlfp
_setjmp3
_initterm
__setusermatherr
__p__commode
__p__fmode
iswdigit
_snwprintf
tolower
__getmainargs
log10
wcstombs
__set_app_type
_chmod

kernel32

GetStartupInfoA
GetACP
GetPrivateProfileStringA
GetModuleHandleA
OutputDebugStringA
QueryPerformanceCounter
SetFileTime
InterlockedCompareExchange
VirtualProtect
LCMapStringA

shell32

SHGetFolderPathA
DragQueryFile
SHBindToParent
Shell_NotifyIconA
SHAddToRecentDocs
SHFileOperationA
SHGetPathFromIDList
ShellExecuteW
ShellExecuteEx
DragQueryFileA

oleaut32

CreateErrorInfo
GetErrorInfo
SafeArrayGetUBound
SafeArrayPtrOfIndex
SetErrorInfo
VariantCopy
SafeArrayPutElement

comctl32

ImageList_Destroy
ImageList_DragShowNolock
ImageList_GetIcon
ImageList_SetImageCount
PropertySheetA
ImageList_Remove
PropertySheetW
ImageList_SetIconSize

user32

OemToCharA
GetFocus
IsWindow
PtInRect
OpenClipboard
DrawTextA
GetDC
EnumThreadWindows
SetScrollRange
GetSubMenu

ole32

CreateItemMoniker
OleInitialize
CoFreeUnusedLibraries
ProgIDFromCLSID
CoInitializeEx
CoTaskMemRealloc
DoDragDrop
CoGetInterfaceAndReleaseStream
CoTaskMemFree

advapi32

RegEnumValueW
GetLengthSid
RegFlushKey
RegQueryValueExW
OpenProcessToken
RegOpenKeyW
OpenSCManagerA
RegCreateKeyA

gdi32

ExtCreatePen
GdiFlush
PlayMetaFile
GetEnhMetaFileBits
GetTextColor
GetTextFaceW
EnumFontFamiliesExA
StartPage
StartDocW

version

VerInstallFileW
GetFileVersionInfoW
VerInstallFileA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueA
VerFindFileW

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f78e0ae61b52c58348bfd210ab4baa4

Headers

File Characteristics

Imports

msvcrt

kernel32

shell32

oleaut32

comctl32

user32

ole32

advapi32

gdi32

version

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 17KB - Virtual size: 41KB

.rsrc Size: 109KB - Virtual size: 109KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 17KB - Virtual size: 41KB

.rsrc
Size: 109KB - Virtual size: 109KB