Static task
static1
Behavioral task
behavioral1
Sample
fcea7a276937d570e56c270673e1f48c_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fcea7a276937d570e56c270673e1f48c_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
fcea7a276937d570e56c270673e1f48c_JaffaCakes118
Size
84KB
MD5
fcea7a276937d570e56c270673e1f48c
SHA1
aaf203f1d6df94ffe65debed603b1b349bd9849c
SHA256
c77725cb87d2c1f58913423ebaef8fc726a0115bd46e45b56b0488fee0ae7b19
SHA512
becdd30e04eebd5f6065d8904d2ba2cef9b2694142b87d3633e835bb9f6a4e89be9be6f93893bc7be9c3348a471e10ae62495320cbe3628d39459dd97df065ba
SSDEEP
1536:AzSVq94RusIW6daG+tuvBKWf0c2iXfbA+iH5U5buv1CwPCgbs3N:AzSs91sIycvbXDXfGUbuv174
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fcea7a276937d570e56c270673e1f48c_JaffaCakes118
Files
fcea7a276937d570e56c270673e1f48c_JaffaCakes118.exe windows:5 windows x86 arch:x86
3403a36a146640088b27b59002d9deb0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
UnhookWindowsHookEx
GetScrollPos
GetSubMenu
PostQuitMessage
FrameRect
EnumWindows
SetWindowTextA
SetWindowPos
GetSysColor
EqualRect
EnableMenuItem
GetSysColorBrush
GetMessageA
kernel32
GetTempPathA
GetThreadLocale
GetCurrentProcessId
InterlockedExchange
QueryPerformanceCounter
GetSystemTime
GetFileAttributesA
SetUnhandledExceptionFilter
GetTimeZoneInformation
RtlUnwind
ExitProcess
VirtualAllocEx
GetStartupInfoA
FileTimeToSystemTime
gdi32
CopyEnhMetaFileA
DPtoLP
GetMapMode
CreateICW
FillRgn
SetViewportExtEx
ExcludeClipRect
CreateCompatibleBitmap
SelectClipPath
ole32
StgOpenStorage
CoInitialize
CoTaskMemRealloc
CoInitializeSecurity
DoDragDrop
OleRun
StringFromGUID2
CoRevokeClassObject
CoCreateInstance
advapi32
QueryServiceStatus
AdjustTokenPrivileges
CheckTokenMembership
CryptHashData
RegQueryValueExW
GetUserNameA
GetSecurityDescriptorDacl
RegCreateKeyA
FreeSid
RegCreateKeyExW
msvcrt
strncpy
_flsbuf
_strdup
fprintf
_mbscmp
strlen
fflush
_CIpow
__initenv
strcspn
raise
_fdopen
iswspace
__setusermatherr
__getmainargs
signal
puts
_lock
comctl32
ImageList_Write
ImageList_ReplaceIcon
ImageList_LoadImageA
ImageList_GetIcon
InitCommonControls
ImageList_GetBkColor
ImageList_DragEnter
ImageList_DrawEx
ImageList_LoadImageW
ImageList_Destroy
CreatePropertySheetPageA
ImageList_GetIconSize
ImageList_SetIconSize
shell32
SHBrowseForFolderA
ShellExecuteEx
CommandLineToArgvW
ExtractIconW
DragQueryFileA
ShellExecuteW
SHGetPathFromIDList
DragAcceptFiles
ExtractIconExW
DragQueryFileW
DoEnvironmentSubstW
oleaut32
SafeArrayRedim
SafeArrayGetUBound
SafeArrayUnaccessData
VariantCopy
SafeArrayCreate
SysReAllocStringLen
SafeArrayPtrOfIndex
SafeArrayPutElement
Sections
.text Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE