Static task: static1
Behavioral task: behavioral1
Sample: f9d2b7deb427cd00bd5365c52076b7f2_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: f9d2b7deb427cd00bd5365c52076b7f2_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: f9d2b7deb427cd00bd5365c52076b7f2_JaffaCakes118
Size: 83KB
MD5: f9d2b7deb427cd00bd5365c52076b7f2
SHA1: 1ecd8f897c3d1d959deabaeadbb5d8720e0aacca
SHA256: c7ec100de28622c2baf81a25a3d5afa7919f841a31e56a7569fae41f1f4acafd
SHA512: d2aa94ace34eb9fdd3518533e1a3abe2e1ea6374310d0d7afe26cc97e635a7f9fd2c3d2595621aa85e3547174bab7db1807876d3b2cd52475320e3d644a35200
SSDEEP: 1536:hnA5aOgTdlXAKTTgfdxjs5V6QZmDwhGOB3lNxe9nJhSC4mObxLW:hThTjAMTg1xjs/9ZmD2H7e8mCi
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f9d2b7deb427cd00bd5365c52076b7f2_JaffaCakes118
Files
f9d2b7deb427cd00bd5365c52076b7f2_JaffaCakes118.exe windows:5 windows x86 arch:x86
49f0db95bc1ea4aad93d01b240bdba83
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
SetWindowTextA
FrameRect
EnableMenuItem
SetWindowPos
GetMessageA
EqualRect
UnhookWindowsHookEx
GetSysColor
GetSubMenu
GetSysColorBrush
PostQuitMessage
EnumWindows
GetScrollPos
kernel32
GetACP
GetSystemTime
GetTimeZoneInformation
GetThreadLocale
GetFileAttributesA
GetTickCount
ExitProcess
VirtualAllocEx
GetTempPathA
RtlUnwind
GetStartupInfoA
GetCurrentProcessId
FileTimeToSystemTime
SetUnhandledExceptionFilter
InterlockedExchange
gdi32
CopyEnhMetaFileA
DPtoLP
SetViewportExtEx
CreateCompatibleBitmap
FillRgn
ExcludeClipRect
SelectClipPath
GetMapMode
CreateICW
ole32
OleRun
StringFromGUID2
CoCreateInstance
StgOpenStorage
CoInitialize
CoRevokeClassObject
CoInitializeSecurity
DoDragDrop
CoTaskMemRealloc
advapi32
RegQueryValueExW
RegCreateKeyA
RegCreateKeyExW
QueryServiceStatus
GetSecurityDescriptorDacl
CryptHashData
AdjustTokenPrivileges
CheckTokenMembership
FreeSid
GetUserNameA
msvcrt
_lock
__initenv
puts
fflush
_flsbuf
raise
__setusermatherr
strcspn
iswspace
strncpy
fprintf
signal
strlen
_strdup
_CIpow
_fdopen
__getmainargs
_mbscmp
comctl32
ImageList_DragEnter
ImageList_Write
ImageList_GetBkColor
ImageList_DrawEx
ImageList_SetIconSize
ImageList_ReplaceIcon
CreatePropertySheetPageA
InitCommonControls
ImageList_GetIcon
ImageList_LoadImageA
ImageList_GetIconSize
ImageList_Destroy
ImageList_LoadImageW
shell32
ShellExecuteW
CommandLineToArgvW
DoEnvironmentSubstW
ExtractIconExW
DragQueryFileW
DragAcceptFiles
DragQueryFileA
ExtractIconW
SHBrowseForFolderA
SHGetPathFromIDList
ShellExecuteEx
oleaut32
SafeArrayUnaccessData
VariantCopy
SafeArrayGetUBound
SysReAllocStringLen
SafeArrayCreate
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
Sections
.text Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
kixaozc Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE