d4465fca6203a0523b75a275cbf008e7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d4465fca6203a0523b75a275cbf008e7_JaffaCakes118
Size

142KB
MD5

d4465fca6203a0523b75a275cbf008e7
SHA1

03573692c3e3a39257319d8eed79a72bea7ec3f7
SHA256

e3c0f15f00048a47024c264813715e0b1f39c9c4c0fa1dcd71c6110c2867e542
SHA512

3af71d99782191ed04f681631d7da3c3d4f79dcc6df21278715cb44fe306c32dffbbb780a32f2d0333457407eb5280b9c031d84d59ad96578dd8ffb4805f2f5b
SSDEEP

3072:KnH3zKGI/bjtwSgl+msQuAH98hkjBfTBnDtaYOSeUCVe:gaj/49GkjNTBnBaYOS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4465fca6203a0523b75a275cbf008e7_JaffaCakes118

Files

d4465fca6203a0523b75a275cbf008e7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8541a987f81d2c508d9f64a53d8eeb8e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

RemoveDirectoryA
SystemTimeToFileTime
lstrlenW
GetDiskFreeSpaceA
LCMapStringA
VirtualProtect
GetModuleHandleA
GetStartupInfoA

msvcrt

_XcptFilter
_acmdln
log10
strncmp
__p__commode
__set_app_type
_umask
__initenv
_except_handler3
__getmainargs
_adjust_fdiv
_initterm
__p__fmode
localtime
wctomb
__setusermatherr
wcsncmp
exit
__p__environ
_controlfp
time
wcsncpy

gdi32

GetDCOrgEx
CreateBitmap
SelectClipRgn
CreateICA
RoundRect
SetDIBits
SetMetaFileBitsEx
GetMapMode
EndPath
CreateCompatibleBitmap
DeleteMetaFile
GetTextFaceA
PolyBezierTo
LineDDA

user32

CreatePopupMenu
CheckMenuItem
CallWindowProcA
GetWindowTextA
DestroyCursor
SetPropA
SetScrollPos
SetScrollRange
ReleaseDC
PeekMessageA

version

VerInstallFileW
GetFileVersionInfoW
VerFindFileW
VerInstallFileA
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueW

comctl32

CreatePropertySheetPageA
ImageList_BeginDrag
ImageList_LoadImageA
ImageList_DragLeave
ImageList_AddMasked
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_Destroy

advapi32

SetSecurityDescriptorDacl
ControlService
RegDeleteKeyA
LookupPrivilegeValueA
RegEnumKeyW
CheckTokenMembership
GetLengthSid
RegSetValueExW
RegDeleteValueW
RegDeleteValueA
DeregisterEventSource
OpenServiceW
InitializeAcl
RegOpenKeyW
GetUserNameA

ole32

CoInitializeEx
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
CoGetClassObject
OleSetClipboard
GetRunningObjectTable
CoInitializeSecurity
CoTaskMemFree

oleaut32

SafeArrayUnaccessData
SafeArrayGetElement
VariantCopyInd
SetErrorInfo
SysStringByteLen
SysStringLen
VariantClear
SafeArrayPtrOfIndex
SysAllocStringLen
SafeArrayPutElement
SysFreeString

shell32

DragAcceptFiles
ExtractIconA
Shell_NotifyIconW
SHCreateDirectoryExA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8541a987f81d2c508d9f64a53d8eeb8e

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

version

comctl32

advapi32

ole32

oleaut32

shell32

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 18KB - Virtual size: 42KB

.rsrc Size: 103KB - Virtual size: 102KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 18KB - Virtual size: 42KB

.rsrc
Size: 103KB - Virtual size: 102KB