d1aff5468b3f13113cf0397e7a0f0c0f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d1aff5468b3f13113cf0397e7a0f0c0f_JaffaCakes118
Size

128KB
MD5

d1aff5468b3f13113cf0397e7a0f0c0f
SHA1

6cd96dfc9a9d547e13ca3df5ed12f650e2ee7f5c
SHA256

0e943428de1880b504111be84024f8e05951af3112ddf77bdee7441dd49b8e0a
SHA512

d3b2d57db1400f89f7c6e030b36946c027b7fa6358f2a03c32a6554f6e1f6b03e539f7cfa32ca2fc1301903982dc65533d2fd162f738387be020d3d9015f1d7a
SSDEEP

3072:XnfeTq9gckmCwzfREP4U5XWWQ4MFEBV932DtKa+GqT7+gEo:XGTXx4U5sFU3hTT7+r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1aff5468b3f13113cf0397e7a0f0c0f_JaffaCakes118

Files

d1aff5468b3f13113cf0397e7a0f0c0f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b3c88a5140868d9a3ea2995513e79fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetUserDefaultLCID
GetCPInfo
lstrcpyA
GetModuleHandleA
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
GetVersionExA
GetFileAttributesA
GetSystemDirectoryA
VirtualProtect
GlobalHandle
GetStartupInfoA
SystemTimeToFileTime
GetFileType

msvcrt

_XcptFilter
__getmainargs
_strnicmp
__pioinfo
_dup
_flsbuf
__setusermatherr
__p__fmode
_acmdln
_adjust_fdiv
exit
memcmp
__p__commode
__set_app_type
_initterm
log10
_except_handler3
_controlfp
strtok
_wcsicmp

gdi32

CreateMetaFileW
GetViewportOrgEx
SetTextAlign
RemoveFontResourceA
GetTextMetricsW
CreateFontIndirectA
GetMetaFileBitsEx
SetWindowOrgEx
SetMetaFileBitsEx
CreateBrushIndirect

ole32

CLSIDFromString
CLSIDFromProgID
PropVariantClear
CreateItemMoniker
OleFlushClipboard
CoRevokeClassObject
OleIsCurrentClipboard
StringFromIID
RegisterDragDrop
CoTaskMemRealloc

user32

DialogBoxParamA
DestroyCursor
MessageBeep
OffsetRect
MessageBoxA
GetIconInfo
CreatePopupMenu
InsertMenuItemA
GetSysColorBrush
CreateWindowExA
GetMessageA
FrameRect

comctl32

ImageList_DragLeave
ImageList_GetBkColor
CreatePropertySheetPageA
CreatePropertySheetPageW
ImageList_Replace
ImageList_SetBkColor
CreateToolbarEx
ImageList_LoadImageW
PropertySheetW
ImageList_GetImageInfo
ImageList_Read
InitCommonControls

oleaut32

SysReAllocStringLen
VariantClear
SetErrorInfo
VariantCopyInd
SafeArrayPutElement
SysStringByteLen
SafeArrayGetUBound
SafeArrayUnaccessData

advapi32

OpenThreadToken
IsValidSid
RegEnumKeyExA
RegDeleteKeyA
InitializeAcl
GetTokenInformation
OpenProcessToken

shell32

SHGetFolderPathA
Shell_NotifyIconA
SHChangeNotify
ExtractAssociatedIconW
SHGetSpecialFolderLocation

version

GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoW
VerQueryValueA
VerLanguageNameA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2b3c88a5140868d9a3ea2995513e79fa

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

ole32

user32

comctl32

oleaut32

advapi32

shell32

version

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 18KB - Virtual size: 42KB

.rsrc Size: 90KB - Virtual size: 164KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 18KB - Virtual size: 42KB

.rsrc
Size: 90KB - Virtual size: 164KB