Static task: static1
Behavioral task: behavioral1
Sample: fbbf066a1f4e89b6588f7eba99bd7162_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fbbf066a1f4e89b6588f7eba99bd7162_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: fbbf066a1f4e89b6588f7eba99bd7162_JaffaCakes118
Size: 78KB
MD5: fbbf066a1f4e89b6588f7eba99bd7162
SHA1: 163965340d3836040bb6d946e41305d31253edcb
SHA256: 0bd85f1e731f460addf8f81c97379ff1665df302aec29825d9a2fb767085598a
SHA512: 30c406bf4b0a5439fb3c8830ffabf137c17e821ed8e26ae070974b1457f6acf62b1cad60f42d1eb2a943cff3f2a7303693f46d0675bc1e64350e2c8db24ec7fa
SSDEEP: 1536:9ZXj/UgFxNBlby9Q9WimD6OW9+QnHRfCW6qDAnT3Oz7KEl5:9ZAgxBMQQDlW9+QHRCNuAnT3OH9
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fbbf066a1f4e89b6588f7eba99bd7162_JaffaCakes118
Files
fbbf066a1f4e89b6588f7eba99bd7162_JaffaCakes118.exe windows:5 windows x86 arch:x86
77184cd6206bbf1c3723eaf8d56dedfb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
SetWindowTextA
GetSysColorBrush
UnhookWindowsHookEx
FrameRect
SetWindowPos
GetScrollPos
GetMessageA
EnumWindows
GetSubMenu
EnableMenuItem
EqualRect
GetSysColor
PostQuitMessage
kernel32
QueryPerformanceCounter
GetStartupInfoA
ExitProcess
FileTimeToSystemTime
GetSystemTime
GetThreadLocale
GetFileAttributesA
SetUnhandledExceptionFilter
InterlockedExchange
RtlUnwind
GetACP
GetTimeZoneInformation
GetTickCount
GetTempPathA
VirtualAllocEx
GetCurrentProcessId
gdi32
SelectClipPath
SetViewportExtEx
CopyEnhMetaFileA
GetMapMode
DPtoLP
CreateICW
FillRgn
CreateCompatibleBitmap
ExcludeClipRect
ole32
StringFromGUID2
CoInitialize
CoTaskMemRealloc
CoCreateInstance
StgOpenStorage
DoDragDrop
OleRun
CoRevokeClassObject
CoInitializeSecurity
advapi32
CheckTokenMembership
RegCreateKeyA
RegQueryValueExW
GetUserNameA
QueryServiceStatus
AdjustTokenPrivileges
RegCreateKeyExW
FreeSid
CryptHashData
GetSecurityDescriptorDacl
msvcrt
_flsbuf
__initenv
puts
signal
raise
strncpy
__setusermatherr
_strdup
__getmainargs
_fdopen
fprintf
fflush
iswspace
strlen
_mbscmp
_CIpow
strcspn
_lock
comctl32
ImageList_DrawEx
ImageList_SetIconSize
ImageList_Write
ImageList_Destroy
ImageList_GetIconSize
InitCommonControls
ImageList_LoadImageA
ImageList_GetIcon
CreatePropertySheetPageA
ImageList_ReplaceIcon
ImageList_LoadImageW
ImageList_DragEnter
ImageList_GetBkColor
shell32
DoEnvironmentSubstW
SHBrowseForFolderA
DragAcceptFiles
CommandLineToArgvW
ExtractIconExW
DragQueryFileA
ExtractIconW
ShellExecuteW
DragQueryFileW
ShellExecuteEx
SHGetPathFromIDList
oleaut32
SafeArrayPutElement
VariantCopy
SafeArrayPtrOfIndex
SafeArrayRedim
SafeArrayCreate
SysReAllocStringLen
SafeArrayUnaccessData
SafeArrayGetUBound
Sections
.text Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE