db42b2eb562ea89ce6767093353e7c62_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

db42b2eb562ea89ce6767093353e7c62_JaffaCakes118
Size

213KB
MD5

db42b2eb562ea89ce6767093353e7c62
SHA1

28696b185ef54cad49583172c26bbb8cddc00fb1
SHA256

c260e9270147ea1c1cbf6627787d214ed3dbf09772af62186ea92497292b808a
SHA512

057c48cdd1f7da1d6d3de53939a22e3521d8346df20a93e10125d71e05a3e9c7cf9460f439544c24acd0e98cc8404d9a36c6b4a185e2adb40f4a29e1f4bd48a8
SSDEEP

3072:8b1Z2xKhqHYqIrXRd1IgcoG3qld0ktRdzFjz2sg6bR31qohJ+lwX7rU8UuZgNCCi:8YKcAq6l9VFj393Ak+liNiNTiuwf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db42b2eb562ea89ce6767093353e7c62_JaffaCakes118

Files

db42b2eb562ea89ce6767093353e7c62_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78dd7ded1f13e858c0470657d62d6b36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryFile
SHCreateDirectoryExA
SHGetPathFromIDListW
ShellExecuteExA

comctl32

DestroyPropertySheetPage
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_DragEnter
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_Replace
ImageList_SetImageCount
ImageList_Write
InitCommonControls
InitCommonControlsEx
PropertySheetW

advapi32

AdjustTokenPrivileges
AllocateAndInitializeSid
CloseServiceHandle
CryptDestroyHash
CryptHashData
EqualSid
GetLengthSid
GetUserNameA
InitializeAcl
InitializeSecurityDescriptor
LookupPrivilegeValueA
OpenServiceA
QueryServiceStatus
RegDeleteKeyA
RegFlushKey
RegQueryValueA
RegQueryValueExW
RegSetValueExA
RegSetValueExW
SetSecurityDescriptorOwner

user32

CreateMenu
DestroyWindow
DrawIcon
DrawTextA
GetCapture
GetClassNameA
GetClientRect
GetCursorPos
GetMenuState
GetSystemMetrics
GetTopWindow
GetWindowTextA
GetWindowThreadProcessId
InvalidateRect
IsWindowEnabled
IsWindowVisible
LoadIconA
PostQuitMessage
RedrawWindow
ReleaseCapture
RemoveMenu
SetClipboardData
SetRect
SetWindowLongA
ShowCursor
TrackPopupMenu
UpdateWindow
WaitMessage

kernel32

CompareStringA
CreateProcessA
DeleteFileA
FindFirstFileA
GetCurrentThread
GetFileSize
GetLocaleInfoA
GetModuleHandleA
GetSystemDefaultLCID
GetTimeZoneInformation
GlobalUnlock
InitializeCriticalSection
MultiByteToWideChar
RemoveDirectoryA
TlsSetValue
UnhandledExceptionFilter
WriteFile

ole32

CLSIDFromProgID
CoFreeUnusedLibraries
CoGetClassObject
CoGetInterfaceAndReleaseStream
CoGetMalloc
CoInitializeEx
CoReleaseMarshalData
CreateILockBytesOnHGlobal
CreateItemMoniker
DoDragDrop
OleGetClipboard
OleInitialize
RevokeDragDrop

gdi32

Chord
CreateBrushIndirect
CreateHatchBrush
CreateICW
DPtoLP
Ellipse
EnumFontFamiliesW
ExtEscape
FillRgn
GetBrushOrgEx
GetCurrentObject
GetDIBColorTable
GetDIBits
GetTextMetricsA
GetWindowExtEx
OffsetViewportOrgEx
Pie
RectInRegion
ScaleViewportExtEx
SetBrushOrgEx
SetMapMode
SetWinMetaFileBits
SetWorldTransform
StartDocA
TextOutA
UnrealizeObject

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

cjpAnvq9
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78dd7ded1f13e858c0470657d62d6b36

Headers

File Characteristics

Imports

shell32

comctl32

advapi32

user32

kernel32

ole32

gdi32

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 18KB - Virtual size: 17KB

cjpAnvq9 Size: 2KB - Virtual size: 120KB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 18KB - Virtual size: 17KB

cjpAnvq9
Size: 2KB - Virtual size: 120KB