Static task
static1
Behavioral task
behavioral1
Sample
e1f3066027ad2890e1bd46ca5f112e23_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
e1f3066027ad2890e1bd46ca5f112e23_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
e1f3066027ad2890e1bd46ca5f112e23_JaffaCakes118
Size
82KB
MD5
e1f3066027ad2890e1bd46ca5f112e23
SHA1
ec75a15b21c8333c6a0e3d72db20991efefef5eb
SHA256
d0a9127fbe38a37e9d2f33047da626d0bdd67b327973bcedec9fede623094150
SHA512
514741e5ea6bda6bd4f11b21347f730b8a1fa55858bb996e57ecc882699c34849ecd2bfa263800c2394535969756c448fcf8ed6ced0949726e0f751fc2334f51
SSDEEP
1536:4+kTbuhQkodxV3AudQVSeXzc9ayvdfY0TqhQJx5bEq+2WgdcSg2PvLT:41bCodxVQuqVSeY9aylfnTxJd+2BdcSd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e1f3066027ad2890e1bd46ca5f112e23_JaffaCakes118
Files
e1f3066027ad2890e1bd46ca5f112e23_JaffaCakes118.exe windows:5 windows x86 arch:x86
5079f89ef85a3e56053241869c2e8ac3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
GetSubMenu
GetSysColorBrush
GetSysColor
SetWindowPos
UnhookWindowsHookEx
GetMessageA
GetScrollPos
EnumWindows
FrameRect
EqualRect
EnableMenuItem
PostQuitMessage
SetWindowTextA
kernel32
SetUnhandledExceptionFilter
GetOEMCP
FileTimeToSystemTime
GetCurrentProcessId
QueryPerformanceCounter
GetTempPathA
GetThreadLocale
GetTimeZoneInformation
GetFileAttributesA
InterlockedExchange
VirtualAllocEx
GetStartupInfoA
ExitProcess
GetSystemTime
RtlUnwind
gdi32
SetViewportExtEx
GetMapMode
DPtoLP
CreateCompatibleBitmap
FillRgn
CreateICW
ExcludeClipRect
SelectClipPath
CopyEnhMetaFileA
ole32
CoTaskMemRealloc
CoRevokeClassObject
StringFromGUID2
CoInitializeSecurity
CoCreateInstance
OleRun
DoDragDrop
StgOpenStorage
CoInitialize
advapi32
QueryServiceStatus
AdjustTokenPrivileges
FreeSid
CheckTokenMembership
RegQueryValueExW
RegCreateKeyA
GetSecurityDescriptorDacl
CryptHashData
GetUserNameA
RegCreateKeyExW
msvcrt
_fdopen
strcspn
_CIpow
__setusermatherr
fprintf
__getmainargs
strncpy
iswspace
raise
_mbscmp
_strdup
__initenv
fflush
_lock
strlen
signal
puts
_flsbuf
comctl32
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_GetIcon
InitCommonControls
ImageList_DrawEx
ImageList_LoadImageW
ImageList_SetIconSize
ImageList_GetBkColor
CreatePropertySheetPageA
ImageList_Write
ImageList_LoadImageA
ImageList_GetIconSize
ImageList_Destroy
shell32
ShellExecuteEx
DragAcceptFiles
DragQueryFileW
CommandLineToArgvW
ShellExecuteW
DoEnvironmentSubstW
ExtractIconExW
SHBrowseForFolderA
SHGetPathFromIDList
ExtractIconW
DragQueryFileA
oleaut32
SafeArrayPtrOfIndex
SafeArrayUnaccessData
SafeArrayCreate
SafeArrayPutElement
SafeArrayRedim
SafeArrayGetUBound
VariantCopy
SysReAllocStringLen
Sections
.text Size: 34KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE