e27021d85b20a8d6f06589d2fc225f69_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e27021d85b20a8d6f06589d2fc225f69_JaffaCakes118
Size

82KB
MD5

e27021d85b20a8d6f06589d2fc225f69
SHA1

7d8abc7082b462c1ab0fe6746ddc4cb84628dde0
SHA256

a8b90f8c8a90d3c25cf421e6f9d91ff6cd01910bc7215fb09a6ec521674d6735
SHA512

ae1a76fe53bfdbd07784db4030a208b63678f5875baaab5e20914f5c26415f0fb45a1fc15da59433cc694eb88745209f5a9863a8f6828c5189520981d6c937c4
SSDEEP

1536:4duku+XDfbrVRY3BRo4+J2Dg2RrokF8VUbdor9MiuMn6TZF3UiQKw3:47JTff/oBRuAnRskvtix+lbg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e27021d85b20a8d6f06589d2fc225f69_JaffaCakes118

Files

e27021d85b20a8d6f06589d2fc225f69_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d859ccbf73beed104eed317d13b7f2e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetScrollPos
EqualRect
EnumWindows
SetWindowPos
GetSysColorBrush
UnhookWindowsHookEx
GetSubMenu
GetMessageA
PostQuitMessage
GetSysColor
FrameRect
EnableMenuItem
SetWindowTextA

kernel32

GetThreadLocale
FileTimeToSystemTime
GetOEMCP
GetFileAttributesA
GetTimeZoneInformation
RtlUnwind
ExitProcess
GetTempPathA
VirtualAllocEx
GetTickCount
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetSystemTime
GetACP
InterlockedExchange
GetStartupInfoA
GetCurrentProcessId

gdi32

CreateCompatibleBitmap
CreateICW
SelectClipPath
CopyEnhMetaFileA
SetViewportExtEx
GetMapMode
ExcludeClipRect
DPtoLP
FillRgn

ole32

StringFromGUID2
OleRun
StgOpenStorage
CoRevokeClassObject
DoDragDrop
CoInitializeSecurity
CoTaskMemRealloc
CoInitialize
CoCreateInstance

advapi32

CheckTokenMembership
AdjustTokenPrivileges
GetUserNameA
CryptHashData
FreeSid
RegQueryValueExW
GetSecurityDescriptorDacl
QueryServiceStatus
RegCreateKeyExW
RegCreateKeyA

msvcrt

__initenv
raise
fflush
strncpy
__setusermatherr
_CIpow
strcspn
signal
strlen
_mbscmp
puts
_lock
iswspace
fprintf
__getmainargs
_strdup
_flsbuf
_fdopen

comctl32

ImageList_SetIconSize
ImageList_GetBkColor
ImageList_ReplaceIcon
ImageList_Destroy
InitCommonControls
CreatePropertySheetPageA
ImageList_GetIconSize
ImageList_DragEnter
ImageList_Write
ImageList_LoadImageW
ImageList_DrawEx
ImageList_GetIcon
ImageList_LoadImageA

shell32

CommandLineToArgvW
DragAcceptFiles
ShellExecuteW
DragQueryFileW
ExtractIconExW
ExtractIconW
SHBrowseForFolderA
DoEnvironmentSubstW
SHGetPathFromIDList
ShellExecuteEx
DragQueryFileA

oleaut32

SafeArrayPtrOfIndex
SafeArrayRedim
VariantCopy
SysReAllocStringLen
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayPutElement
SafeArrayCreate

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d859ccbf73beed104eed317d13b7f2e6

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ole32

advapi32

msvcrt

comctl32

shell32

oleaut32

Sections

.text Size: 35KB - Virtual size: 34KB

.data Size: 40KB - Virtual size: 40KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 35KB - Virtual size: 34KB

.data
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 6KB - Virtual size: 5KB