f727134d134ab3a594fcbd1cab5cfd54_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f727134d134ab3a594fcbd1cab5cfd54_JaffaCakes118
Size

124KB
MD5

f727134d134ab3a594fcbd1cab5cfd54
SHA1

95b18a0e9ccc4f33a8bbb423aae85f9f9d270aa6
SHA256

a9b0a018a380b8ca0bf4fdc9a729212021cf7830028e50a5e8e93d5640c98bf2
SHA512

5b3489c8d8784c5a616aab6a2ff22990efbd4b2580359c12571145bd3a67500a71645465c56c2c7ed7bfb9f7c2d454ef325e87cc163cb24b231a11661622d8c7
SSDEEP

3072:gs2rOdaNQZYQynUbQl9pUpnfuImMxcOF47ZImn:gnOdVZSUbmVe472

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f727134d134ab3a594fcbd1cab5cfd54_JaffaCakes118

Files

f727134d134ab3a594fcbd1cab5cfd54_JaffaCakes118
.exe windows:5 windows x86 arch:x86

48ca1fe7fb26728e46b9a77d9ee6fe9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GlobalAlloc
GetSystemInfo
SetErrorMode
GetModuleHandleA
VirtualProtect
SetCurrentDirectoryA
GetCommandLineW
GetLocaleInfoA
GlobalReAlloc
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
GetThreadLocale

msvcrt

_XcptFilter
_acmdln
ftell
_initterm
_putenv
__p__fmode
__dllonexit
__setusermatherr
_adjust_fdiv
_controlfp
exit
__set_app_type
log
_get_osfhandle
__pioinfo
__getmainargs
isspace
_except_handler3
__p__commode

shell32

SHGetDiskFreeSpaceExW
SHBrowseForFolderA
SHChangeNotify
ShellExecuteExA
CommandLineToArgvW
SHGetSpecialFolderPathA
SHGetFolderPathA
ShellExecuteW
DragQueryFileW

gdi32

FrameRgn
CreateICW
GetCharacterPlacementA
GetMetaFileBitsEx
OffsetClipRgn
GetStretchBltMode
CreateFontW
EnumFontFamiliesW
Chord
GetObjectA

advapi32

SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
FreeSid
CryptHashData
InitiateSystemShutdownA
EqualSid
RegOpenKeyW
RegOpenKeyExW
RegFlushKey
ControlService

comctl32

ImageList_SetImageCount
ImageList_LoadImageA
ImageList_SetDragCursorImage
ImageList_AddMasked
InitializeFlatSB
InitCommonControlsEx
ImageList_Read
CreateToolbarEx
ImageList_SetIconSize
PropertySheetW

ole32

OleInitialize
CoTaskMemRealloc
ProgIDFromCLSID
CoRevokeClassObject
CreateILockBytesOnHGlobal
CoTaskMemFree
RegisterDragDrop
CoInitialize
DoDragDrop
CoInitializeSecurity

user32

UnregisterClassA
GetForegroundWindow
DrawIconEx
GetSysColor
EmptyClipboard
LoadIconA
UpdateWindow
DrawEdge
IsIconic
ShowCursor
ShowWindow
CallNextHookEx

oleaut32

VariantClear
CreateErrorInfo
VariantCopyInd
SysStringByteLen
GetErrorInfo
SetErrorInfo
SafeArrayCreate
GetActiveObject
SafeArrayUnaccessData

version

VerInstallFileW
VerFindFileW
VerQueryValueA
GetFileVersionInfoA
VerInstallFileA
VerQueryValueW
GetFileVersionInfoW

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48ca1fe7fb26728e46b9a77d9ee6fe9f

Headers

File Characteristics

Imports

kernel32

msvcrt

shell32

gdi32

advapi32

comctl32

ole32

user32

oleaut32

version

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 17KB - Virtual size: 38KB

.rsrc Size: 87KB - Virtual size: 87KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 17KB - Virtual size: 38KB

.rsrc
Size: 87KB - Virtual size: 87KB