f641def6b8d1b1110e3edaf574ab0c4d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f641def6b8d1b1110e3edaf574ab0c4d_JaffaCakes118
Size

141KB
MD5

f641def6b8d1b1110e3edaf574ab0c4d
SHA1

29cabe20f8e7b76940798682b0b27b2905566c9b
SHA256

ac86c78fd5c352579d94d0819330faf8c9a23ca7d96b4c33b89ec91b9e0cccfe
SHA512

1e20bd271f737419236ee704d68bcef3d202a2fd2a9d48961d6801bc95d423651c6aa7d31ff9c0fa6ba77bf4c1e011d20f57a229a670eb6efe57e92826b849b5
SSDEEP

3072:9+ToBl4TkcCTCmNIUwZn1nnXxC6RvlDlLSwwJWIjOEX5g:dBlfcuIUwZn1XxCEdlLSPrOEX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f641def6b8d1b1110e3edaf574ab0c4d_JaffaCakes118

Files

f641def6b8d1b1110e3edaf574ab0c4d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b7322e630c30904fefd5e453acfb6678

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

log10
rename
memcmp
fwrite
_except_handler3
_iob
_c_exit
__p__fmode
strstr
__p__commode
exit
_CIpow
_acmdln
_initterm
_adjust_fdiv
_utime
_stat
__set_app_type
__getmainargs
_controlfp
puts
towupper
_XcptFilter
__setusermatherr
_dup2

kernel32

SystemTimeToFileTime
VirtualProtect
CopyFileA
CreateDirectoryA
GlobalHandle
GetModuleFileNameW
VirtualQuery
GlobalFree
GetModuleHandleA
GetStartupInfoA
CreateProcessW
SetUnhandledExceptionFilter
GetFileAttributesW
GetSystemInfo
GetLocaleInfoA
GetTickCount
GetTimeZoneInformation

shell32

SHGetFileInfoA
SHGetSettings
DragFinish
FindExecutableW
ShellExecuteA
SHGetDesktopFolder
ShellExecuteW

advapi32

RegCreateKeyExA
SetSecurityDescriptorDacl
RegEnumValueA
RegSetValueExW
RegOpenKeyExA
RegCloseKey
RegCreateKeyA
OpenSCManagerW
RegQueryValueA
DeleteService
CryptReleaseContext
OpenServiceW
GetSecurityDescriptorDacl
InitializeAcl

oleaut32

VariantInit
SysStringByteLen
SafeArrayPutElement
SysStringLen
GetActiveObject
SafeArrayPtrOfIndex

comctl32

ImageList_Remove
InitCommonControlsEx
ImageList_SetOverlayImage
ImageList_GetIconSize
ImageList_DragLeave

ole32

ProgIDFromCLSID
CoRevokeClassObject
CoDisconnectObject
CoInitializeEx
OleSetClipboard
CoSetProxyBlanket
OleUninitialize
CoTaskMemAlloc
OleSetMenuDescriptor
CoCreateInstance
CoFreeUnusedLibraries

version

VerInstallFileW
GetFileVersionInfoW
VerLanguageNameA
VerQueryValueW
VerInstallFileA
GetFileVersionInfoA
VerFindFileW

user32

SetScrollRange
DispatchMessageA
PtInRect
MapWindowPoints
RegisterWindowMessageA
GetParent
GetWindowThreadProcessId

gdi32

Pie
GetObjectType
PlayMetaFile
SetViewportOrgEx
GetBitmapBits
GetViewportOrgEx
GetCharWidthA
SetAbortProc
StartDocA
CreateFontA
GetViewportExtEx

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7322e630c30904fefd5e453acfb6678

Headers

File Characteristics

Imports

msvcrt

kernel32

shell32

advapi32

oleaut32

comctl32

ole32

version

user32

gdi32

Sections

.text Size: 18KB - Virtual size: 17KB

.data Size: 18KB - Virtual size: 40KB

.rsrc Size: 104KB - Virtual size: 103KB

.text
Size: 18KB - Virtual size: 17KB

.data
Size: 18KB - Virtual size: 40KB

.rsrc
Size: 104KB - Virtual size: 103KB