d07028874bb03859e746803e274f01ed_JaffaCakes118

General

Target

d07028874bb03859e746803e274f01ed_JaffaCakes118
Size

101KB
MD5

d07028874bb03859e746803e274f01ed
SHA1

e7dc5d18cd8df7cac8d8c7b8b8e65da2dd69d1c8
SHA256

88f8fcf3bb63bf1c1b16e51f864fb42a218d49b582ac0d31203a0dc287f8105e
SHA512

8821321b712996bd529387bcdd27856d7b681b4c59ae85f8709fbb3bb6b747a685e8d5a99008eceeb8e97210f55e45b50038dbf1fa4f4560f062f74c1b96e5a3
SSDEEP

1536:c8KmaEs4mh0xyzp2AoJTkD28KtC9GeJmn6XcaQxzv5Ka0wkccMzn:fKnEt8fN4Aq8AYtxhQxzv511jcG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d07028874bb03859e746803e274f01ed_JaffaCakes118

Files

d07028874bb03859e746803e274f01ed_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f1a6848768b6b4fd59dedcfaf8706c68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoA
GetCommandLineA
VirtualProtect
GetModuleHandleA
GlobalReAlloc
OutputDebugStringA
GetStringTypeA
DeleteFileA

user32

WaitMessage
GetPropA
SetForegroundWindow
GetMessagePos
FindWindowA
SystemParametersInfoA
UnregisterClassA
ScrollWindow
DrawTextA
SetScrollPos
RegisterClipboardFormatA
TranslateMessage
SetClassLongA
CheckMenuItem
GetLastActivePopup
GetSysColor

msvcrt

_XcptFilter
__p__commode
__set_app_type
_vsnwprintf
__setusermatherr
_initterm
_amsg_exit
abort
_wtoi
isleadbyte
__getmainargs
_adjust_fdiv
sqrt
fflush
__p__fmode
exit
ungetc
_acmdln
_except_handler3

shell32

DragAcceptFiles
SHGetPathFromIDList
SHGetFolderPathW
Shell_NotifyIconW
CommandLineToArgvW
SHFileOperationA
SHBrowseForFolderA

advapi32

ControlService
SetSecurityDescriptorOwner
RegQueryValueExW
OpenSCManagerW
InitializeAcl
RegEnumKeyExW
AdjustTokenPrivileges
OpenThreadToken

ole32

CoGetClassObject
CoInitializeEx
OleInitialize
CoLoadLibrary
RegisterDragDrop
StringFromGUID2
ReleaseStgMedium
CoTaskMemAlloc
OleDraw
GetRunningObjectTable

oleaut32

GetActiveObject
SetErrorInfo
LoadTypeLib
SysStringByteLen
SafeArrayGetUBound

comctl32

ImageList_DrawEx
CreateStatusWindowA
CreateToolbarEx
InitCommonControls
ImageList_DragShowNolock
CreatePropertySheetPageW
ImageList_SetIconSize
ImageList_GetBkColor

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1a6848768b6b4fd59dedcfaf8706c68

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

shell32

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 71KB - Virtual size: 70KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 71KB - Virtual size: 70KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 25KB - Virtual size: 25KB