dd093e18d7859c65499932c4b1a095c6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dd093e18d7859c65499932c4b1a095c6_JaffaCakes118
Size

143KB
MD5

dd093e18d7859c65499932c4b1a095c6
SHA1

21b9d98d2d61e76fb501e9c79a1b72585b461780
SHA256

9f2c8a4482416f79c80b13e849e34c5d5f130a9db358a142fb0cfc01b3b8faff
SHA512

c68b16b5b6508283f928033b5ba34c03cc22d5d094d9ced225c17d550fdb87ab8bba417e3cdfa5a576b5d3f614949b9c852caf81a239d9932c5b0301bc3cbba4
SSDEEP

3072:w2RI0nZPNgnF2JjTiXZZKF2QUrs2vy0JgrmD/5qoNhnSEoqWyrM2mb7reP:wTmPxTiXOkQcvyBy5qghnrEyrrmbK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd093e18d7859c65499932c4b1a095c6_JaffaCakes118

Files

dd093e18d7859c65499932c4b1a095c6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

01abbe49f76259c1eecea81f216267fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_controlfp
exit
_stat
__setusermatherr
__p__fmode
__set_app_type
_initterm
__getmainargs
bsearch
_umask
_XcptFilter
_stricmp
toupper
_except_handler3
_acmdln
__p__commode
_adjust_fdiv
wcschr
log10
_mkdir

kernel32

GetTickCount
GetConsoleOutputCP
GetConsoleMode
GetCurrentDirectoryA
CreateFileMappingA
VirtualProtect
UnhandledExceptionFilter
SetThreadLocale
GetDiskFreeSpaceA
lstrcpynA
GetSystemInfo
GetModuleHandleA
GetStartupInfoA
lstrlenA

shell32

Shell_NotifyIconW
DragFinish
SHGetFileInfoA
SHBrowseForFolderA
SHGetSpecialFolderPathA
ExtractIconExW
SHGetFolderPathA

oleaut32

SysFreeString
LoadTypeLib
SafeArrayPutElement
SafeArrayGetUBound
VariantCopy
SafeArrayGetElement
SafeArrayUnaccessData
VariantClear
GetActiveObject
SysStringLen
SetErrorInfo

advapi32

GetLengthSid
GetTokenInformation
RegOpenKeyExA
RegSetValueExW
LookupPrivilegeValueW
RegDeleteKeyA
RegOpenKeyA
SetSecurityDescriptorGroup
InitiateSystemShutdownA
RegCreateKeyExA
AdjustTokenPrivileges

version

VerInstallFileA
VerFindFileW
GetFileVersionInfoA
VerLanguageNameA
GetFileVersionInfoSizeW
VerInstallFileW
VerQueryValueW
VerQueryValueA

comctl32

PropertySheetA
ImageList_SetDragCursorImage
ImageList_EndDrag
ImageList_GetImageCount
InitCommonControlsEx

user32

DestroyMenu
OemToCharA
LoadBitmapA
PostQuitMessage
OpenClipboard
SetPropA
GetWindowThreadProcessId
FrameRect
RegisterWindowMessageA

ole32

CoGetMalloc
CoReleaseMarshalData
IsAccelerator
CLSIDFromProgID
CoDisconnectObject
StgOpenStorageOnILockBytes
CoSetProxyBlanket
OleSetMenuDescriptor
OleFlushClipboard
CoCreateGuid

gdi32

OffsetClipRgn
CreatePen
CreatePalette
PtInRegion
DeleteDC
GetCharacterPlacementA
GetObjectType
GetTextColor
GetSystemPaletteEntries
OffsetWindowOrgEx
CreateDCA
GetObjectW
CreateICW

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 106KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

01abbe49f76259c1eecea81f216267fa

Headers

File Characteristics

Imports

msvcrt

kernel32

shell32

oleaut32

advapi32

version

comctl32

user32

ole32

gdi32

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 17KB - Virtual size: 42KB

.rsrc Size: 106KB - Virtual size: 184KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 17KB - Virtual size: 42KB

.rsrc
Size: 106KB - Virtual size: 184KB