d4d98dd0e6d24ff3adefceeaa6aabc42_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d4d98dd0e6d24ff3adefceeaa6aabc42_JaffaCakes118
Size

132KB
MD5

d4d98dd0e6d24ff3adefceeaa6aabc42
SHA1

57cfe39d816a31295d6a16c29d3f736a509ea032
SHA256

35e701adaf12334871736582b2ffeb3d19c5f6463ba34631352439b959ee180a
SHA512

a0a03a582f7b662aebd2b694d1b1743848f9fb1f80a5cba2a13454583759a1602d1a78858cce84f7f31cf4f4650c7ce3c7acf1a8b6bc4c760fb63738722b8aa3
SSDEEP

3072:tbVZqYLEWLALI/AQfnXVpxgqmtBIBD+INfO2TFEKGyiePuUiJj:7ZrSiGBIBiegyieP2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4d98dd0e6d24ff3adefceeaa6aabc42_JaffaCakes118

Files

d4d98dd0e6d24ff3adefceeaa6aabc42_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bdfd804c408325421443c2738db5b498

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

strncat
sprintf
wcstoul
isdigit
exit
_initterm
_acmdln
__getmainargs
time
__p__commode
wcscmp
_controlfp
_strdup
__p__fmode
strerror
__setusermatherr
__set_app_type
_except_handler3
_adjust_fdiv
log10
_XcptFilter

kernel32

CreateProcessW
EnumCalendarInfoA
InterlockedIncrement
GetCPInfo
FileTimeToLocalFileTime
GetModuleHandleA
WaitForMultipleObjects
SetUnhandledExceptionFilter
VirtualProtect
IsBadReadPtr
GetStartupInfoA
VirtualAlloc
GetStringTypeExA
SetHandleCount
SetFileTime
GetDiskFreeSpaceA
GetTempFileNameA
MulDiv
lstrlenA

ole32

CreateBindCtx
CLSIDFromProgID
StringFromIID
IsEqualGUID
CreateItemMoniker
IIDFromString
StringFromCLSID
CoRegisterMessageFilter
RevokeDragDrop

gdi32

SetTextAlign
RoundRect
GetRgnBox
GetEnhMetaFileHeader
Polyline
GetTextFaceA
OffsetWindowOrgEx
GetTextMetricsA
MoveToEx
CopyEnhMetaFileA
StrokePath
GetStretchBltMode

version

VerLanguageNameA
VerInstallFileA
VerQueryValueA
VerFindFileW
GetFileVersionInfoSizeW
GetFileVersionInfoA
GetFileVersionInfoW

oleaut32

SafeArrayGetUBound
SafeArrayCreate
SysStringByteLen
SysFreeString
SafeArrayPutElement

user32

GetCursorPos
RedrawWindow
GetDesktopWindow
CallWindowProcA
DrawMenuBar
CallNextHookEx

comctl32

ImageList_GetBkColor
ImageList_SetIconSize
InitCommonControlsEx
ImageList_Add
ImageList_Replace
ImageList_Write
ImageList_GetIconSize
PropertySheetA
ImageList_Remove
CreatePropertySheetPageW
ImageList_AddMasked
ImageList_DragShowNolock

shell32

ExtractIconExA
DragFinish
SHGetSpecialFolderPathA
SHGetDesktopFolder
DragQueryFileA
ExtractIconExW
SHGetPathFromIDListW

advapi32

RegCreateKeyExA
RegQueryValueExA
OpenServiceW
CopySid
OpenThreadToken
LookupPrivilegeValueW

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bdfd804c408325421443c2738db5b498

Headers

File Characteristics

Imports

msvcrt

kernel32

ole32

gdi32

version

oleaut32

user32

comctl32

shell32

advapi32

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 18KB - Virtual size: 41KB

.rsrc Size: 95KB - Virtual size: 168KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 18KB - Virtual size: 41KB

.rsrc
Size: 95KB - Virtual size: 168KB