ce70f88eeef15e482f0e0a5a637eea5c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ce70f88eeef15e482f0e0a5a637eea5c_JaffaCakes118
Size

130KB
MD5

ce70f88eeef15e482f0e0a5a637eea5c
SHA1

bdcd26953cd6e9568ac155684a9b647e883e6418
SHA256

b7eaaf73c5dc98396d23f9f196f3c645632aefb44b82592cb6e106661feeeaea
SHA512

94ee443d5372c0c1c03d506a6eb9ee8e510b862159c0a237fcb9de52b2360a66e047e807235c43921db7bd8238178c936eaa8e6b1257616df631ee3a08acc566
SSDEEP

3072:tu/ZQcWfTv2nSwYPwIIwRR+CluzlapyKs7N+68JZ:tu/IfTb7I4FoUyKs7N+7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce70f88eeef15e482f0e0a5a637eea5c_JaffaCakes118

Files

ce70f88eeef15e482f0e0a5a637eea5c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ced9edba87d1539f92e4a37c9736264d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CopyFileA
CompareFileTime
LocalAlloc
GetCurrentDirectoryA
DeleteFileA
WaitForMultipleObjects
VirtualProtect
CreateFileMappingA
FileTimeToDosDateTime
GetLastError
CompareStringA
GetStartupInfoA
FormatMessageA
GetModuleHandleA

msvcrt

_acmdln
_XcptFilter
_adjust_fdiv
fgetc
_controlfp
__badioinfo
exit
__setusermatherr
isxdigit
_lseeki64
log10
qsort
strtoul
_initterm
__p__fmode
__p__commode
_except_handler3
__getmainargs
__set_app_type
_exit
wcstol
fsetpos

version

VerFindFileW
VerQueryValueW
GetFileVersionInfoW
VerLanguageNameA
GetFileVersionInfoSizeW
GetFileVersionInfoA

shell32

SHGetFolderLocation
SHGetSpecialFolderPathA
SHChangeNotify
SHGetMalloc
ExtractIconW
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetFolderPathW
DragQueryFile
CommandLineToArgvW

user32

PostMessageA
LoadStringA
OpenClipboard
SetWindowsHookExA
GetSystemMenu
PostQuitMessage
UnhookWindowsHookEx
LoadCursorA

gdi32

GetPaletteEntries
ExtCreatePen
GetTextFaceW
GetTextMetricsA
GetMapMode
CreatePen
EnumFontFamiliesW
UnrealizeObject
CreatePatternBrush

comctl32

ImageList_GetImageInfo
ImageList_GetIcon
CreateStatusWindowA
ImageList_Replace
ImageList_Add
CreatePropertySheetPageA
PropertySheetA
ImageList_DragEnter
CreateToolbarEx
ImageList_Remove

oleaut32

SetErrorInfo
CreateErrorInfo
GetErrorInfo
VariantInit
SysAllocStringLen
SysReAllocStringLen
SafeArrayGetElement
GetActiveObject
VariantCopyInd
SysFreeString

advapi32

CheckTokenMembership
GetTokenInformation
RegQueryInfoKeyA
SetSecurityDescriptorGroup
AddAccessAllowedAce
AllocateAndInitializeSid
RevertToSelf
LookupPrivilegeValueA
GetSecurityDescriptorDacl
RegCreateKeyExA
OpenServiceA

ole32

StringFromGUID2
GetRunningObjectTable
OleInitialize
OleGetClipboard
CoInitialize
StgOpenStorageOnILockBytes
RegisterDragDrop

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ced9edba87d1539f92e4a37c9736264d

Headers

File Characteristics

Imports

kernel32

msvcrt

version

shell32

user32

gdi32

comctl32

oleaut32

advapi32

ole32

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 17KB - Virtual size: 42KB

.rsrc Size: 95KB - Virtual size: 164KB

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 17KB - Virtual size: 42KB

.rsrc
Size: 95KB - Virtual size: 164KB