Static task
static1
Behavioral task
behavioral1
Sample
f50a6c5dd692385471722b15dc5a2291_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f50a6c5dd692385471722b15dc5a2291_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: f50a6c5dd692385471722b15dc5a2291_JaffaCakes118
Size: 145KB
MD5: f50a6c5dd692385471722b15dc5a2291
SHA1: 3ae09dd3d4bb2ce99173f7893bebb8ab34100125
SHA256: 38b82bec03d6b8d87e8cdd02bd4c52e6225a613afca817d94f3a7c522b1087ca
SHA512: ca1d418efa529a634e60e46a5ac5f51f47acba83d6246719986a23b6a8d4efed7537a955d4436e53fb08d827f81bd763bcdf2b3f926163a40090a509bd043293
SSDEEP: 3072:gcUZSWrfCmro0UNDDqSFH0lZyLO59Uv11B2odBD8tpqZQT:gRiNDDH18B5Y110+BD8t
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f50a6c5dd692385471722b15dc5a2291_JaffaCakes118
Files
f50a6c5dd692385471722b15dc5a2291_JaffaCakes118.exe windows:5 windows x86 arch:x86
d968aafe8c78587d4fecf1feb20183aa
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetStartupInfoA
GetModuleFileNameA
GetDateFormatA
VirtualProtect
GetTempPathW
GetModuleHandleA
FormatMessageA
GetStdHandle
lstrcmpiA
OutputDebugStringA
msvcrt
_XcptFilter
_fullpath
_except_handler3
__setusermatherr
_adjust_fdiv
__p__fmode
log
__p__commode
__getmainargs
_mbscmp
towupper
_initterm
exit
isleadbyte
rand
_acmdln
__set_app_type
_umask
_fdopen
user32
MessageBoxA
RegisterWindowMessageA
IsRectEmpty
FillRect
GetMenuStringA
OffsetRect
PeekMessageA
InvalidateRect
GetWindow
GetCursorPos
version
VerQueryValueW
VerInstallFileA
VerInstallFileW
VerFindFileW
GetFileVersionInfoW
VerQueryValueA
gdi32
GetStretchBltMode
SetBkMode
SetMapMode
OffsetWindowOrgEx
CreatePatternBrush
CreatePen
PolyBezierTo
LineTo
EnumFontFamiliesExW
RemoveFontResourceA
ExtCreatePen
oleaut32
SafeArrayPtrOfIndex
VariantCopyInd
SafeArrayGetUBound
SysReAllocStringLen
GetErrorInfo
VariantInit
SysAllocStringLen
SetErrorInfo
advapi32
IsValidSid
RegQueryValueExW
GetLengthSid
RegFlushKey
OpenServiceA
AdjustTokenPrivileges
OpenSCManagerW
RegEnumKeyExW
RegSetValueExW
shell32
DoEnvironmentSubstW
SHGetSpecialFolderPathW
SHFileOperationA
SHGetFolderLocation
Shell_NotifyIconA
SHGetSpecialFolderLocation
FindExecutableW
comctl32
ImageList_LoadImageW
ImageList_Create
CreatePropertySheetPageA
ImageList_SetIconSize
DestroyPropertySheetPage
PropertySheetA
ImageList_AddMasked
ImageList_GetBkColor
ImageList_Replace
ImageList_EndDrag
ImageList_SetOverlayImage
ImageList_Draw
ImageList_GetIcon
ole32
ProgIDFromCLSID
CoGetInterfaceAndReleaseStream
CoRevokeClassObject
CreateStreamOnHGlobal
StgOpenStorage
Sections
.text Size: 63KB - Virtual size: 63KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 49KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ