Static task
static1
Behavioral task
behavioral1
Sample
eab3d365cb249a6496db01492e2289b4_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
eab3d365cb249a6496db01492e2289b4_JaffaCakes118.exe
Resource
win10v2004-20240910-en
General
Target
eab3d365cb249a6496db01492e2289b4_JaffaCakes118
Size
141KB
MD5
eab3d365cb249a6496db01492e2289b4
SHA1
8d24a65f9666f5b9ade70cf14e9f5f403657edbf
SHA256
1a124b1efe8ea45b2ba73ba6859d778a0b865994a1d23f643f8110e1770fd77d
SHA512
0d482a51a13c809ed70fe114497a1c64bbcae5f08168275d209f60a5fb53861429c59736ea1563b03acc78550b9a4aa01296755667024e055a4dc8fbfffd5c81
SSDEEP
3072:3lp+FWgo0DahcKP+iyukH6eRq4kRN/pDHn6SPHeYvQvRpaLKVNW38:fkGhcKDdI6slkRJprRHXIvRpBgM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource eab3d365cb249a6496db01492e2289b4_JaffaCakes118
Files
eab3d365cb249a6496db01492e2289b4_JaffaCakes118.exe windows:5 windows x86 arch:x86
70e37cff824229cb60d971b4dcce4acd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
ExpandEnvironmentStringsA
Sleep
VirtualProtect
OutputDebugStringA
GetConsoleMode
GetVersionExA
GetACP
GetStartupInfoA
GetCurrentProcess
lstrcmpiW
msvcrt
__getmainargs
_assert
_unlink
_controlfp
_isatty
strcspn
_ultoa
__set_app_type
__p__commode
_XcptFilter
exit
strncmp
_acmdln
__setusermatherr
ungetc
longjmp
_setmode
_initterm
gmtime
_wtol
log10
_adjust_fdiv
__p__fmode
_except_handler3
towlower
gdi32
GetBrushOrgEx
GetStretchBltMode
Polyline
GetBkMode
GetTextAlign
SetBrushOrgEx
GetROP2
ExtTextOutA
ArcTo
GetRegionData
PatBlt
oleaut32
SafeArrayCreate
SafeArrayGetUBound
VariantClear
SysFreeString
SysAllocStringByteLen
GetActiveObject
user32
FindWindowA
LoadStringA
WindowFromPoint
EndDialog
SetFocus
DispatchMessageA
DefWindowProcA
GetMessageA
version
VerInstallFileW
GetFileVersionInfoW
VerFindFileW
VerLanguageNameA
VerInstallFileA
VerQueryValueA
GetFileVersionInfoSizeA
advapi32
FreeSid
InitializeSecurityDescriptor
RegDeleteValueW
CryptAcquireContextA
SetSecurityDescriptorGroup
RegDeleteKeyA
RegOpenKeyExA
comctl32
ImageList_SetBkColor
ImageList_DragShowNolock
CreateStatusWindowA
ImageList_BeginDrag
ImageList_SetDragCursorImage
shell32
ShellExecuteExA
SHBrowseForFolder
DragFinish
DragQueryFileW
SHCreateDirectoryExA
SHGetMalloc
SHGetPathFromIDList
SHGetSettings
ExtractIconA
ShellExecuteA
FindExecutableW
SHBrowseForFolderW
SHGetFolderLocation
ole32
CoTaskMemAlloc
CoInitialize
CLSIDFromProgID
CoFreeUnusedLibraries
StgOpenStorage
CoGetClassObject
CoGetMalloc
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoRegisterClassObject
Sections
.text Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 17KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 105KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ