Static task: static1
Behavioral task: behavioral1
  Sample: ea49127750e4fe06f7e40d3e747d9353_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: ea49127750e4fe06f7e40d3e747d9353_JaffaCakes118.exe
  Resource: win10v2004-20240910-en
General
  Target: ea49127750e4fe06f7e40d3e747d9353_JaffaCakes118
  Size: 79KB
  MD5: ea49127750e4fe06f7e40d3e747d9353
  SHA1: d91ea40d13bdca8616159d002965d0944d9797a0
  SHA256: 2e1490e10ac5093e568436314a2014ffd168bf4fb29729b25e2f55997d447018
  SHA512: 890f8143c08f2ebb8bfb46e9f261433be09276ceff941ad6670a7f010d6b14d9af90c89712f034a8374bf9a39a8664e61a6eadbeaf9f9d00486a66e8da912f1b
  SSDEEP: 1536:Vf3fUvD0tYmBuM3p1RxGBQ50c1KzqEXgr6Mt55gbl:VXqUuMZ1jGQ0tZrZ
Malware Config
Signatures
  Unsigned PE (1 IoCs)
    Checks for missing Authenticode signature.
    resource: ea49127750e4fe06f7e40d3e747d9353_JaffaCakes118
Files
ea49127750e4fe06f7e40d3e747d9353_JaffaCakes118.exe windows:5 windows x86 arch:x86
8828c013ab6be249252920aadc5061d8
Headers
  File Characteristics
    IMAGE_FILE_RELOCS_STRIPPED
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_LINE_NUMS_STRIPPED
    IMAGE_FILE_LOCAL_SYMS_STRIPPED
    IMAGE_FILE_32BIT_MACHINE
    IMAGE_FILE_DEBUG_STRIPPED
Imports
  user32
    PostQuitMessage
    FrameRect
    SetWindowPos
    SetWindowTextA
    EnableMenuItem
    GetSubMenu
    GetScrollPos
    GetSysColorBrush
    GetSysColor
    EqualRect
    UnhookWindowsHookEx
    GetMessageA
    EnumWindows
  kernel32
    ExitProcess
    GetCurrentProcessId
    SetUnhandledExceptionFilter
    GetFileAttributesA
    GetStartupInfoA
    RtlUnwind
    InterlockedExchange
    VirtualAllocEx
    GetTickCount
    GetTempPathA
    GetTimeZoneInformation
    GetACP
    GetThreadLocale
    FileTimeToSystemTime
  gdi32
    DPtoLP
    CreateCompatibleBitmap
    CreateICW
    ExcludeClipRect
    SelectClipPath
    GetMapMode
    CopyEnhMetaFileA
    FillRgn
    SetViewportExtEx
  ole32
    CoInitializeSecurity
    CoCreateInstance
    StringFromGUID2
    CoTaskMemRealloc
    CoInitialize
    CoRevokeClassObject
    DoDragDrop
    OleRun
    StgOpenStorage
  advapi32
    AdjustTokenPrivileges
    RegCreateKeyExW
    GetSecurityDescriptorDacl
    CheckTokenMembership
    CryptHashData
    FreeSid
    RegQueryValueExW
    QueryServiceStatus
    GetUserNameA
    RegCreateKeyA
  msvcrt
    _lock
    iswspace
    _CIpow
    strcspn
    puts
    fflush
    _flsbuf
    _mbscmp
    strlen
    __setusermatherr
    __getmainargs
    fprintf
    _strdup
    __initenv
    strncpy
    raise
    _fdopen
    signal
  comctl32
    ImageList_GetIcon
    ImageList_LoadImageA
    CreatePropertySheetPageA
    ImageList_GetBkColor
    ImageList_Destroy
    ImageList_GetIconSize
    ImageList_ReplaceIcon
    ImageList_SetIconSize
    ImageList_DragEnter
    ImageList_DrawEx
    ImageList_Write
    ImageList_LoadImageW
    InitCommonControls
  shell32
    DoEnvironmentSubstW
    SHBrowseForFolderA
    ExtractIconW
    ExtractIconExW
    DragQueryFileW
    CommandLineToArgvW
    ShellExecuteEx
    DragAcceptFiles
    ShellExecuteW
    DragQueryFileA
    SHGetPathFromIDList
  oleaut32
    SafeArrayGetUBound
    SafeArrayRedim
    SafeArrayUnaccessData
    SysReAllocStringLen
    SafeArrayPtrOfIndex
    SafeArrayPutElement
    SafeArrayCreate
    VariantCopy
Sections
  .text Size: 32KB - Virtual size: 32KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .data Size: 39KB - Virtual size: 39KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc Size: 6KB - Virtual size: 34KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  mcszlim Size: - Virtual size: 4KB
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE