Static task
static1
Behavioral task
behavioral1
Sample
ef634af617c376c4716ceecc1dc27ce3_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
ef634af617c376c4716ceecc1dc27ce3_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
ef634af617c376c4716ceecc1dc27ce3_JaffaCakes118
Size
83KB
MD5
ef634af617c376c4716ceecc1dc27ce3
SHA1
f7a6504c787dd445f52f6b30fd7ec4890eca464e
SHA256
293f511d2aa724aaf3e64abc1f9de81f1538e3db1937e229dba914ac241a1b8e
SHA512
27ad85a21fce8e78ad3f34094b974ff2a16c1e924ff7b9c5b14fa2b4321b1a14cddfd27b7769d572e16cfa190a31034b70430d0b7f78eceb4e27e1d5969d0a63
SSDEEP
1536:EKArY6BLoJth8XZNX6/kgHi1jNGfQ3vNSZqMXhR6FwORrBh/Ms:pijBG8X7X6/kgmNGI31IKdFBht
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ef634af617c376c4716ceecc1dc27ce3_JaffaCakes118
Files
ef634af617c376c4716ceecc1dc27ce3_JaffaCakes118.exe windows:5 windows x86 arch:x86
98509a2d410e02efeb2173f523ead715
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
SetWindowPos
UnhookWindowsHookEx
EqualRect
SetWindowTextA
GetSubMenu
GetScrollPos
EnumWindows
EnableMenuItem
FrameRect
PostQuitMessage
GetMessageA
GetSysColorBrush
GetSysColor
kernel32
GetFileAttributesA
FileTimeToSystemTime
GetThreadLocale
SetUnhandledExceptionFilter
GetStartupInfoA
GetTimeZoneInformation
InterlockedExchange
GetCurrentProcessId
GetSystemTime
RtlUnwind
VirtualAllocEx
ExitProcess
QueryPerformanceCounter
GetTempPathA
gdi32
CopyEnhMetaFileA
FillRgn
SelectClipPath
DPtoLP
GetMapMode
ExcludeClipRect
CreateCompatibleBitmap
CreateICW
SetViewportExtEx
ole32
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CoInitialize
StgOpenStorage
OleRun
DoDragDrop
CoInitializeSecurity
CoRevokeClassObject
advapi32
GetUserNameA
AdjustTokenPrivileges
RegCreateKeyA
RegQueryValueExW
FreeSid
GetSecurityDescriptorDacl
RegCreateKeyExW
CryptHashData
QueryServiceStatus
CheckTokenMembership
msvcrt
_lock
__initenv
_CIpow
_flsbuf
iswspace
puts
strncpy
raise
strcspn
__setusermatherr
_mbscmp
__getmainargs
fflush
_fdopen
strlen
signal
fprintf
_strdup
comctl32
ImageList_GetBkColor
ImageList_GetIconSize
ImageList_LoadImageW
ImageList_Destroy
ImageList_SetIconSize
ImageList_Write
ImageList_DrawEx
ImageList_DragEnter
ImageList_GetIcon
CreatePropertySheetPageA
InitCommonControls
ImageList_LoadImageA
ImageList_ReplaceIcon
shell32
DragQueryFileA
SHGetPathFromIDList
DragAcceptFiles
ShellExecuteEx
ExtractIconExW
DoEnvironmentSubstW
ShellExecuteW
DragQueryFileW
CommandLineToArgvW
ExtractIconW
SHBrowseForFolderA
oleaut32
SafeArrayUnaccessData
SysReAllocStringLen
SafeArrayGetUBound
VariantCopy
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayCreate
SafeArrayRedim
Sections
.text Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE