ff6b026b2afe361e8bc91e96720e952e_JaffaCakes118

General

Target

ff6b026b2afe361e8bc91e96720e952e_JaffaCakes118
Size

148KB
MD5

ff6b026b2afe361e8bc91e96720e952e
SHA1

1492871d545970c81d3125c43b947ba5c3bb360e
SHA256

4a416f7d46f7df74071169ae37677e78a0c5c965bb892bbbd6d3c348d9cded9f
SHA512

95b4bdac5565e82014458dcd08abfb1b0d8dc4c7ab224638c336624e19f9fc2dea51721a85393b407f7322b4f6000a28f9afd1ccf125895f0c871585f04cf677
SSDEEP

3072:45tDdUn4xmFsMNwu+x/tpvbUfBljZm1+xAi12HFJIuYUMLSBLblE:4upou0cLMeAiQDIxU0SRblE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff6b026b2afe361e8bc91e96720e952e_JaffaCakes118

Files

ff6b026b2afe361e8bc91e96720e952e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ec7d0dda50561afcd16e4239acc0dbaa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoA
FileTimeToLocalFileTime
lstrcpynA
GetModuleHandleA
VirtualProtect
CompareStringW

user32

EmptyClipboard
DrawMenuBar
GetDlgItem
GetSystemMenu
SetScrollInfo
EnumThreadWindows
WinHelpA
DefWindowProcA
SetWindowTextA
GetWindowThreadProcessId
GetSysColor
OemToCharA
GetCapture

msvcrt

log10
_kbhit
putchar
_XcptFilter
__getmainargs
__p__commode
__setusermatherr
_strlwr
exit
_except_handler3
time
__p__fmode
_adjust_fdiv
__set_app_type
_initterm
iswdigit
localeconv
_acmdln

ole32

StgOpenStorage
CoFreeUnusedLibraries
OleRun
OleSetClipboard
StringFromGUID2
CreateStreamOnHGlobal
IsEqualGUID
CoLoadLibrary

comctl32

ImageList_EndDrag
ImageList_SetDragCursorImage
PropertySheetA
CreateStatusWindowA
ImageList_DragEnter
ImageList_GetIcon
DestroyPropertySheetPage

advapi32

SetSecurityDescriptorGroup
OpenSCManagerA
RegQueryInfoKeyA
RegOpenKeyA
RegCreateKeyA
RegSetValueExW
RegFlushKey
GetTokenInformation
AdjustTokenPrivileges

oleaut32

SysFreeString
SetErrorInfo
VariantCopyInd
VariantInit
SafeArrayUnaccessData

shell32

SHFileOperationA
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
ShellExecuteA
SHBindToParent
Shell_NotifyIconA
SHCreateDirectoryExW
SHGetFolderPathW
DragQueryFileW
SHGetPathFromIDList
FindExecutableW

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ec7d0dda50561afcd16e4239acc0dbaa

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

ole32

comctl32

advapi32

oleaut32

shell32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 136KB - Virtual size: 135KB

.data Size: 6KB - Virtual size: 6KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 136KB - Virtual size: 135KB

.data
Size: 6KB - Virtual size: 6KB