Static task: static1
Behavioral task: behavioral1
  Sample: d4ff931f7fc7a07398cc5d0e541758e0_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: d4ff931f7fc7a07398cc5d0e541758e0_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: d4ff931f7fc7a07398cc5d0e541758e0_JaffaCakes118
Size: 140KB
MD5: d4ff931f7fc7a07398cc5d0e541758e0
SHA1: 2d6cc9b29593bd2f93912690a1d04e838f7ec531
SHA256: 1c6804200e98a87621e97d1bccda3f075ee124a53ff08d2d84097b87d5ea47d3
SHA512: c21318d9f9e3f69a782adb4f31ffa2e2a628a58e4fa291b43ccc8d120ffd650a1247a992e6177b8366a300325b6ce633878bebfe772497133615db80d4c7f4ef
SSDEEP: 3072:lOaN43Z8FEZ6Z/z1ISGuJp0uG8IPW6g0CS1EO/VxN/LasxZuA:lL46l1RJWuG8I+9S1EOdxN/uqV
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: d4ff931f7fc7a07398cc5d0e541758e0_JaffaCakes118
Files
d4ff931f7fc7a07398cc5d0e541758e0_JaffaCakes118.exe windows:5 windows x86 arch:x86
ae5caf7f2af0d8a36bb2f885390cd17a
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE, IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32: GetCurrentProcessId, VirtualProtect, GlobalAlloc, UnhandledExceptionFilter, GetStartupInfoA, FormatMessageA, GetSystemDirectoryW, InterlockedExchange, GetModuleHandleA, GetFileTime, GetStdHandle
msvcrt: _setmode, strerror, _XcptFilter, strcspn, log10, _except_handler3, time, _adjust_fdiv, _acmdln, _ftol, __p__commode, __setusermatherr, _mbscmp, __dllonexit, _controlfp, _filelengthi64, exit, _initterm, _errno, __p__fmode, _setjmp3, realloc, __set_app_type, __getmainargs
user32: WinHelpA, EndPaint, GetMessageA, InsertMenuA, GetPropA, DrawTextA, DestroyWindow, GetScrollInfo, GetMenu, CreateMenu, AdjustWindowRectEx
ole32: StgOpenStorageOnILockBytes, CoSetProxyBlanket, OleFlushClipboard, OleDraw, StringFromGUID2, OleSetClipboard
version: VerInstallFileA, GetFileVersionInfoSizeW, VerQueryValueA, VerFindFileW, GetFileVersionInfoA, VerInstallFileW, VerQueryValueW, GetFileVersionInfoSizeA
advapi32: RegQueryInfoKeyA, RegDeleteValueA, RegOpenKeyW, OpenServiceA, GetLengthSid, CryptReleaseContext, CryptDestroyHash, RegQueryValueExA, FreeSid, RegOpenKeyA
oleaut32: SysAllocStringLen, SafeArrayRedim, VariantInit, SysStringLen, SysReAllocStringLen, SafeArrayCreate
gdi32: SetMetaFileBitsEx, CreatePen, EnumFontFamiliesExA, CreateSolidBrush, GetObjectA, GetTextMetricsA, PlayEnhMetaFile, EndPath, CreateCompatibleBitmap, ExtSelectClipRgn, CreateRectRgn, AddFontResourceA, SetRectRgn, EndDoc, CreateEllipticRgn
comctl32: ImageList_Destroy, ImageList_DragShowNolock, ImageList_ReplaceIcon, ImageList_AddMasked, InitCommonControlsEx, PropertySheetW, CreateStatusWindowA, CreatePropertySheetPageW, ImageList_GetBkColor, ImageList_SetDragCursorImage
shell32: SHCreateDirectoryExA, SHGetFileInfoA, SHGetFolderPathA, SHAppBarMessage, SHGetDesktopFolder, FindExecutableW, SHBrowseForFolder, DragQueryFileW, SHGetPathFromIDListA
Sections
.text (Size: 20KB - Virtual size: 19KB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.data (Size: 18KB - Virtual size: 39KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc (Size: 101KB - Virtual size: 172KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE