Static task
static1
Behavioral task
behavioral1
Sample
e2534156cb5f108b891a3dfb7780d2d6_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
e2534156cb5f108b891a3dfb7780d2d6_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
e2534156cb5f108b891a3dfb7780d2d6_JaffaCakes118
Size
106KB
MD5
e2534156cb5f108b891a3dfb7780d2d6
SHA1
f5826ae9d7d94cedf5fad836aa4f6502ef432b8e
SHA256
409c1400e2c3cd78ddfbf6cc117f7264ff0186e58ed8231585ef7de635efccaa
SHA512
13abbd5b10aaba8ed8003a3d04cb45406a2453d221fec9c5549ccb565ee86c219978167132895ae25dd21c52bade4f3abecbc3b7e3272f23f9d2e5d7846be5b2
SSDEEP
3072:TKWVrqAL2XOPY1kh67TgG9bVm1TNaVct+4KsoXxG6H:jwAyePJh67rANtusExL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e2534156cb5f108b891a3dfb7780d2d6_JaffaCakes118
Files
e2534156cb5f108b891a3dfb7780d2d6_JaffaCakes118.exe windows:5 windows x86 arch:x86
6850085d125fa5800e435b4036556e2c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetStartupInfoA
SetLastError
VirtualProtect
MulDiv
CompareFileTime
GetModuleFileNameW
GetCurrentDirectoryA
GetModuleHandleA
SystemTimeToFileTime
user32
CreatePopupMenu
RegisterClassA
GetSysColor
IsChild
GetWindow
SetScrollPos
EndDialog
GetTopWindow
UnhookWindowsHookEx
CreateWindowExA
GetParent
msvcrt
wcsrchr
log
atol
strncmp
_except_handler3
__p__commode
fclose
_adjust_fdiv
_wfopen
wcscspn
_assert
_acmdln
_isctype
realloc
_filbuf
__setusermatherr
__getmainargs
__p__fmode
exit
_XcptFilter
_initterm
__set_app_type
sqrt
memcpy
advapi32
QueryServiceStatus
RegFlushKey
OpenServiceA
CopySid
SetSecurityDescriptorGroup
RegDeleteValueA
RegOpenKeyExW
ole32
CoGetMalloc
CoSetProxyBlanket
OleIsCurrentClipboard
StgOpenStorageOnILockBytes
PropVariantClear
StgOpenStorage
CreateBindCtx
CoInitializeSecurity
comctl32
ImageList_EndDrag
ImageList_GetBkColor
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetImageInfo
ImageList_SetDragCursorImage
ImageList_SetOverlayImage
ImageList_Write
oleaut32
SafeArrayCreate
LoadTypeLib
SysAllocStringLen
GetErrorInfo
SysReAllocStringLen
SafeArrayGetElement
SysStringByteLen
SysFreeString
shell32
SHGetFolderLocation
SHGetFileInfo
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
Sections
.text Size: 75KB - Virtual size: 75KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ