db151477f0002057d5596b769e7f00fc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

db151477f0002057d5596b769e7f00fc_JaffaCakes118
Size

148KB
MD5

db151477f0002057d5596b769e7f00fc
SHA1

7bb5f142fc6c41b477afc0414556753bfcf89c6a
SHA256

5caaeeae5d5a3354d7130b7e4c21bfba2a3199572960e701b3a7a96550873237
SHA512

e3c7c0c10bd6d9a6f50f818241df045f65e7f7b76c9d44d4fa251eb48a8ef4637f3e5a547f13e67bb20fff505d26364cf611ee9916d466258f7dc9e4a68c7890
SSDEEP

3072:lr8UH0Um/9tk5VoGlzXKWWVZpJTkZL0D4CKSmJYnjALo4WM:dxoXV9xjmSnjtM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db151477f0002057d5596b769e7f00fc_JaffaCakes118

Files

db151477f0002057d5596b769e7f00fc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8977156f7afab55e792a947187d1be5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
GetModuleHandleA
GlobalUnlock
GetStartupInfoA
GetCurrentProcessId
GetFileAttributesA
FileTimeToDosDateTime
GetDriveTypeA
GetLocalTime
LocalAlloc
FlushFileBuffers
GetFileAttributesW

user32

DispatchMessageA
WaitMessage
LoadBitmapA
GetMenuItemCount
SetWindowLongA
IntersectRect
GetSystemMetrics
GetClassInfoA
DrawTextA
ShowOwnedPopups
MapWindowPoints
SetCapture
wsprintfA
GetSysColor

msvcrt

log10
_adjust_fdiv
_acmdln
__set_app_type
__getmainargs
fflush
_wcsicmp
_flsbuf
towupper
_itow
_XcptFilter
__p__fmode
_except_handler3
exit
__setusermatherr
__p__commode
_setjmp
_mbsicmp
strtoul
fgetc
_initterm
_cexit
_wtoi

shell32

SHGetSpecialFolderPathW
SHBindToParent
SHGetFolderLocation
SHGetMalloc
SHCreateDirectoryExW
SHGetFileInfoA
SHGetFileInfo
ExtractIconW
ShellExecuteA
DragQueryFileA
SHGetPathFromIDListA
ExtractIconA
ExtractIconExW
SHAppBarMessage
DragQueryFile

oleaut32

GetActiveObject
SetErrorInfo
SysStringByteLen
SafeArrayGetElement
SafeArrayUnaccessData
LoadTypeLib
SysAllocStringByteLen
SysReAllocStringLen

comctl32

ImageList_Write
CreatePropertySheetPageA
ImageList_LoadImageA
ImageList_AddMasked
ImageList_Create
CreateStatusWindowA
ImageList_SetBkColor
ImageList_SetDragCursorImage
CreateToolbarEx

advapi32

AllocateAndInitializeSid
AdjustTokenPrivileges
RegQueryInfoKeyA
RegCreateKeyA
GetLengthSid
SetSecurityDescriptorOwner
GetUserNameA
OpenServiceW

ole32

IsEqualGUID
CoSetProxyBlanket
CoTaskMemRealloc
StgOpenStorageOnILockBytes
OleSetClipboard
CoCreateGuid
CoTaskMemFree
IIDFromString
CoLoadLibrary
ProgIDFromCLSID
CoRegisterMessageFilter
CoRevokeClassObject

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8977156f7afab55e792a947187d1be5a

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

shell32

oleaut32

comctl32

advapi32

ole32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 136KB - Virtual size: 136KB

.data Size: 6KB - Virtual size: 5KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 136KB - Virtual size: 136KB

.data
Size: 6KB - Virtual size: 5KB