d0a2a3edd3bd86389881b2423478c056_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d0a2a3edd3bd86389881b2423478c056_JaffaCakes118
Size

131KB
MD5

d0a2a3edd3bd86389881b2423478c056
SHA1

202d72e1ee34c1aed4c6fc0716d121a1a770fd88
SHA256

6f0d96317a37e0baa90f04166dabb773ef97312be05d44d184a03d8559ac230c
SHA512

422bde4c81e3cbb4c3f50fe79d35ce70dc2dd02f621c7af02acf0c768024c40d15b7b1b4d6f0d74c3a81efb31f5b17814f19376c0b8ecedef70236dde7f1e059
SSDEEP

3072:apv8VGHJQmHuxz6kfD+cgjyxZGMYQCoB1UseGxEqItdiOv/:h8GRhJroWxZGfQ5BiMpItZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0a2a3edd3bd86389881b2423478c056_JaffaCakes118

Files

d0a2a3edd3bd86389881b2423478c056_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4cb69ac62e20bf8e5c67cc7888bfe4aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetEnvironmentStrings
InterlockedCompareExchange
GetDiskFreeSpaceA
GetSystemTime
GetTickCount
GetCommandLineA
GetEnvironmentStringsW
SetFileTime
GetModuleHandleA
GetStartupInfoA
VirtualProtect
RemoveDirectoryA
GetLastError

msvcrt

_except_handler3
__dllonexit
__p__fmode
__p__environ
_acmdln
__setusermatherr
bsearch
__p__commode
_unlock
log10
_initterm
__set_app_type
_adjust_fdiv
strrchr
_XcptFilter
_controlfp
_wcsicmp
exit
__getmainargs
_c_exit

shell32

DragQueryFileW
SHAppBarMessage
SHGetSpecialFolderPathA
ExtractIconExW
SHGetPathFromIDListW
SHGetFileInfoA
CommandLineToArgvW
SHGetPathFromIDList
DoEnvironmentSubstW

user32

GetMenuItemID
ShowCursor
EqualRect
GetPropA
SetCapture
AdjustWindowRectEx
DialogBoxParamA
DestroyMenu
GetClientRect
OemToCharA
SetForegroundWindow

oleaut32

SafeArrayCreate
GetErrorInfo
SafeArrayGetElement
SysAllocStringLen
CreateErrorInfo
SafeArrayGetUBound
VariantClear
SafeArrayRedim

comctl32

ImageList_Replace
InitCommonControls
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_Draw
CreatePropertySheetPageA
ImageList_SetOverlayImage
ImageList_DragLeave
ImageList_Read
CreatePropertySheetPageW
ImageList_Create
ImageList_GetIconSize
ImageList_Remove
ImageList_SetImageCount

gdi32

GetClipBox
SetEnhMetaFileBits
RealizePalette
SetWindowOrgEx
StartDocA
Rectangle
ExtCreatePen
EnumFontsA
GetWindowOrgEx
TranslateCharsetInfo

ole32

GetRunningObjectTable
StringFromGUID2
StgOpenStorageOnILockBytes
OleUninitialize
CoSetProxyBlanket

version

VerInstallFileW
GetFileVersionInfoW
VerQueryValueW
VerLanguageNameA
GetFileVersionInfoSizeA
VerQueryValueA
VerInstallFileA
VerFindFileW

advapi32

RegDeleteValueA
RegFlushKey
RegOpenKeyExW
RegSetValueExA
GetTokenInformation
LookupPrivilegeValueW
ControlService

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gjepxql
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4cb69ac62e20bf8e5c67cc7888bfe4aa

Headers

File Characteristics

Imports

kernel32

msvcrt

shell32

user32

oleaut32

comctl32

gdi32

ole32

version

advapi32

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 17KB - Virtual size: 42KB

.rsrc Size: 95KB - Virtual size: 123KB

gjepxql Size: - Virtual size: 4KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 17KB - Virtual size: 42KB

.rsrc
Size: 95KB - Virtual size: 123KB

gjepxql
Size: - Virtual size: 4KB