d5219afb76549771fa5bbf20245fdee4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d5219afb76549771fa5bbf20245fdee4_JaffaCakes118
Size

332KB
MD5

d5219afb76549771fa5bbf20245fdee4
SHA1

a5ba2ccaf729466f0c7500c8605f53c4b2dc954a
SHA256

48e242e9dd88d33a25542a55afac8f31c2c31d1bcbf6b493b3377c3a13ae8cf7
SHA512

6d4f264b3fee9c56c4b1c594c406af2d801e362add1929f27d1bf92bb16a31ad47a0c30e23e77416c6563fbe6d614775bf3a62d779ca52daf731d89f4d88c934
SSDEEP

6144:TVL5RDU7+yU1S4H+EtYGbHgWt5l/9Oty+7VEucls4O3Ua43UCo:TVL5xU73Uk4Y+HT3t8tyPPls4BaD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5219afb76549771fa5bbf20245fdee4_JaffaCakes118

Files

d5219afb76549771fa5bbf20245fdee4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da94349de956ee883769f7e60fde4dd4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgOpenPropStg
CoGetPSClsid
GetHGlobalFromILockBytes
CoAddRefServerProcess
CoBuildVersion
StgSetTimes
OleCreateLinkFromData
OleGetIconOfFile
WriteClassStg
OleGetIconOfClass
MonikerCommonPrefixWith
CoReleaseMarshalData
CreateFileMoniker
RevokeDragDrop
GetRunningObjectTable
CoGetClassObject

gdi32

GdiComment
AddFontResourceA
Ellipse
CreateSolidBrush
DeleteMetaFile
CreateFontW
CopyMetaFileA
CombineTransform
CloseEnhMetaFile
FrameRgn
EnumObjects
GdiFlush
GetBkMode
FillRgn

comctl32

CreatePropertySheetPageA
ord4
ord14
InitCommonControlsEx
ord15
CreateToolbarEx
PropertySheetW
UninitializeFlatSB
ord13
DrawStatusTextW

shlwapi

StrCmpNA
StrToIntA
StrCSpnA
StrChrA
StrRStrIW

kernel32

QueryPerformanceCounter
OpenEventA
GetProcAddress
GetModuleFileNameA
GetLastError
GetTickCount
TlsSetValue
FreeEnvironmentStringsA
VirtualAlloc
GetEnvironmentStrings
TlsGetValue
LCMapStringA
GetStartupInfoA
GetStdHandle
GetModuleHandleA
GetProcessHeap
VirtualFree
HeapCompact
IsBadReadPtr
ReleaseSemaphore
GetStringTypeA
HeapDestroy
OpenSemaphoreA
SetThreadLocale
FoldStringA
VirtualQuery
GetACP

msvcrt

__setusermatherr
_controlfp
_except_handler3
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
_exit
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da94349de956ee883769f7e60fde4dd4

Headers

File Characteristics

Imports

ole32

gdi32

comctl32

shlwapi

kernel32

msvcrt

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 314KB - Virtual size: 313KB

.data Size: 512B - Virtual size: 100KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 314KB - Virtual size: 313KB

.data
Size: 512B - Virtual size: 100KB

.rsrc
Size: 6KB - Virtual size: 6KB