d442ce00826dd7412a809e29270d3aca_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d442ce00826dd7412a809e29270d3aca_JaffaCakes118
Size

146KB
MD5

d442ce00826dd7412a809e29270d3aca
SHA1

8f39e5680b42db7b156a8e32f90d991774e4d9b6
SHA256

45270bb21afb13224e2c333c6905d2febd50b816c42de1a97cae3d3f05f0b642
SHA512

7b049f7f515222e86124c7a63aee83ba2d9534c5d6c011a72cfdc2a610790faf467826231c8279c5cce8b7861c00923eca552c17bd3ccff8797a6b49dcf3e568
SSDEEP

3072:01w5k+T+yFbb7a1jDCDQObTssbK8rEzeQ9R3:0abbBsOKXzzR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d442ce00826dd7412a809e29270d3aca_JaffaCakes118

Files

d442ce00826dd7412a809e29270d3aca_JaffaCakes118
.exe windows:5 windows x86 arch:x86

042b5ac0ae69fad88ca3fd8e8f3fd8f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoA
GetStringTypeW
EnumCalendarInfoA
GetCommandLineW
OutputDebugStringA
GetModuleHandleA
SetErrorMode
VirtualAlloc
GetEnvironmentStrings
VirtualProtect
Sleep

msvcrt

_adjust_fdiv
_initterm
_except_handler3
_mkdir
_stricmp
__p__fmode
_snprintf
swscanf
exit
fflush
_acmdln
_itoa
__getmainargs
_XcptFilter
wcstol
__p__commode
strerror
__setusermatherr
__p__environ
__set_app_type
log
_lock
longjmp

user32

GetScrollPos
DrawIcon
GetCursorPos
IsWindowEnabled
CheckMenuItem
SetWindowPlacement
RegisterClassA
GetMessagePos

ole32

CoReleaseMarshalData
CLSIDFromProgID
StringFromGUID2
CLSIDFromString
RegisterDragDrop
CreateItemMoniker
CoRegisterMessageFilter
CreateStreamOnHGlobal
CoRevokeClassObject
CreateILockBytesOnHGlobal

shell32

ShellExecuteA
DragAcceptFiles
SHAddToRecentDocs
DragFinish
SHAppBarMessage
SHGetFileInfoA
Shell_NotifyIconW
SHGetFolderLocation
ExtractIconExW
DoEnvironmentSubstW
SHBindToParent
SHGetSpecialFolderPathA

comctl32

CreatePropertySheetPageA
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_GetImageCount
ImageList_DragShowNolock
ImageList_Read
ImageList_GetIcon
DestroyPropertySheetPage
InitializeFlatSB

oleaut32

SafeArrayRedim
SysAllocStringByteLen
VariantInit
SysFreeString
VariantCopy
SysStringLen
SafeArrayPutElement
SafeArrayGetElement

version

VerLanguageNameA
VerFindFileW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerInstallFileA
VerInstallFileW
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueA

advapi32

CryptReleaseContext
RegEnumValueA
CryptGenRandom
OpenProcessToken
RegCreateKeyA
OpenThreadToken
GetLengthSid
InitializeAcl
RegOpenKeyA

gdi32

GetRegionData
FrameRgn
CreateMetaFileW
SetBkColor
ScaleWindowExtEx
UnrealizeObject
PlayMetaFileRecord
GetTextMetricsA

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

042b5ac0ae69fad88ca3fd8e8f3fd8f1

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

ole32

shell32

comctl32

oleaut32

version

advapi32

gdi32

Sections

.text Size: 64KB - Virtual size: 63KB

.data Size: 48KB - Virtual size: 48KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 64KB - Virtual size: 63KB

.data
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 32KB - Virtual size: 32KB