d2d3a47c4d24e3e023c0a8f3fffc27d0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d2d3a47c4d24e3e023c0a8f3fffc27d0_JaffaCakes118
Size

131KB
MD5

d2d3a47c4d24e3e023c0a8f3fffc27d0
SHA1

a8e975fbd2bd3827eab3f4be360ee901aa8144e2
SHA256

36a1ab2b141b1361d7e511efe767f657c4c0f40aa28fcaf11e1dcda20888ac9e
SHA512

0f60c3054c367a899647ecf0b030a5ce6d2fda6e02951e23742f3b7301011e8f00486ffc88a7e9940d442c354c635b68b1d98558fc802c8b037de52516b122cb
SSDEEP

3072:e6Lt3mkH2DHLkXtJJjPu06DJaHME0qfgfsUrF:e6LoeJPu0LHMEjgfH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2d3a47c4d24e3e023c0a8f3fffc27d0_JaffaCakes118

Files

d2d3a47c4d24e3e023c0a8f3fffc27d0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

50a7345b03e9726ebd9c8d2b3b0592cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
MultiByteToWideChar
VirtualAlloc
LocalFileTimeToFileTime
GetACP
GetModuleHandleW
SetCurrentDirectoryA
GetModuleHandleA
InterlockedDecrement
WritePrivateProfileStringA
GetStartupInfoA
TerminateProcess
SystemTimeToFileTime
WaitForSingleObject
FileTimeToDosDateTime

msvcrt

_controlfp
log10
__set_app_type
_except_handler3
__p__fmode
_acmdln
_ultoa
_adjust_fdiv
exit
isleadbyte
__setusermatherr
__lc_codepage
__getmainargs
ctime
_XcptFilter
realloc
__p__commode
_initterm
_vsnprintf

oleaut32

GetErrorInfo
SafeArrayPtrOfIndex
VariantCopy
SafeArrayCreate
SafeArrayRedim
SysAllocStringLen
SafeArrayGetUBound
SysReAllocStringLen
VariantClear

advapi32

InitiateSystemShutdownA
RegCloseKey
IsValidSid
LookupPrivilegeValueW
OpenThreadToken
QueryServiceStatus
RegQueryInfoKeyW
RegQueryInfoKeyA
SetSecurityDescriptorOwner
RegEnumKeyA

comctl32

InitCommonControls
CreatePropertySheetPageW
ImageList_Read
InitializeFlatSB
ImageList_DragEnter
PropertySheetW
CreatePropertySheetPageA
ImageList_GetIconSize
ImageList_EndDrag
DestroyPropertySheetPage
ImageList_GetImageInfo

shell32

SHGetSpecialFolderPathW
DragQueryFileW
ExtractAssociatedIconW
ShellExecuteW
Shell_NotifyIconW
SHGetFolderLocation
ShellExecuteEx
SHBrowseForFolder
SHFileOperationA
CommandLineToArgvW

gdi32

Escape
SetBkColor
RectVisible
GdiFlush
GetCharWidthW
BeginPath
CreateRectRgn

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerInstallFileW
VerLanguageNameA
GetFileVersionInfoA
VerFindFileW

ole32

PropVariantClear
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
OleUninitialize
CoGetMalloc
IsAccelerator
CoRegisterClassObject

user32

SetClassLongA
InvalidateRect
BeginPaint
InflateRect

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50a7345b03e9726ebd9c8d2b3b0592cf

Headers

File Characteristics

Imports

kernel32

msvcrt

oleaut32

advapi32

comctl32

shell32

gdi32

version

ole32

user32

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 16KB - Virtual size: 41KB

.rsrc Size: 95KB - Virtual size: 94KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 16KB - Virtual size: 41KB

.rsrc
Size: 95KB - Virtual size: 94KB