Static task: static1
Behavioral task: behavioral1
Sample: d388aaf09f116a647d6e0be7a1e2916e_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: d388aaf09f116a647d6e0be7a1e2916e_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d388aaf09f116a647d6e0be7a1e2916e_JaffaCakes118
Size: 115KB
MD5: d388aaf09f116a647d6e0be7a1e2916e
SHA1: 52e5a6d2cd5cdae5c31d4afdf32ce3107e114401
SHA256: 55d58ee6e329df760f3f14fc730ee9c3dac4bdcddb43c735f098376b4d8d8807
SHA512: 80adcf3bd884e83c8a611d10b57925519de1b31e70dd34781759462703b7d487ce50874b8ed585725f04d895c79c324efab1e8ecc7ad53d055154998e6dcc876
SSDEEP: 3072:uHlAnXMIDRfEbwVjw8/uGvDtIHwqwpPkDvB4y:ykMPbKb0HOs5
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: d388aaf09f116a647d6e0be7a1e2916e_JaffaCakes118
Files
d388aaf09f116a647d6e0be7a1e2916e_JaffaCakes118.exe windows:5 windows x86 arch:x86
e029150f5445a3f6e06329593ed0e564
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
UnhookWindowsHookEx
GetMessageA
SetWindowPos
GetSubMenu
FrameRect
PostQuitMessage
GetScrollPos
EqualRect
GetSysColorBrush
SetWindowTextA
GetSysColor
EnumWindows
EnableMenuItem
kernel32
GetStartupInfoA
SetUnhandledExceptionFilter
VirtualAllocEx
GetTimeZoneInformation
GetSystemTime
GetCurrentProcessId
GetTickCount
InterlockedExchange
ExitProcess
GetACP
GetTempPathA
GetFileAttributesA
GetThreadLocale
FileTimeToSystemTime
RtlUnwind
gdi32
FillRgn
SetViewportExtEx
CreateICW
CreateCompatibleBitmap
GetMapMode
DPtoLP
ExcludeClipRect
SelectClipPath
CopyEnhMetaFileA
ole32
DoDragDrop
CoCreateInstance
CoInitializeSecurity
OleRun
CoTaskMemRealloc
StgOpenStorage
CoRevokeClassObject
CoInitialize
StringFromGUID2
advapi32
GetSecurityDescriptorDacl
FreeSid
RegCreateKeyA
RegCreateKeyExW
AdjustTokenPrivileges
CheckTokenMembership
QueryServiceStatus
RegQueryValueExW
GetUserNameA
CryptHashData
msvcrt
_strdup
iswspace
__initenv
strncpy
strlen
signal
strcspn
_lock
__getmainargs
_CIpow
__setusermatherr
_mbscmp
fprintf
_fdopen
puts
raise
_flsbuf
fflush
comctl32
ImageList_GetBkColor
ImageList_DragEnter
ImageList_SetIconSize
ImageList_DrawEx
ImageList_Destroy
InitCommonControls
ImageList_LoadImageA
CreatePropertySheetPageA
ImageList_LoadImageW
ImageList_Write
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetIconSize
shell32
CommandLineToArgvW
DoEnvironmentSubstW
ShellExecuteW
SHBrowseForFolderA
DragQueryFileA
SHGetPathFromIDList
DragQueryFileW
ExtractIconW
ShellExecuteEx
DragAcceptFiles
ExtractIconExW
oleaut32
SafeArrayCreate
VariantCopy
SafeArrayGetUBound
SafeArrayRedim
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayPtrOfIndex
SysReAllocStringLen
Sections
.text Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 45KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 33KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE