Static task
static1
Behavioral task
behavioral1
Sample
fe11980e56b08539c2ae564902cfc794_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fe11980e56b08539c2ae564902cfc794_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
fe11980e56b08539c2ae564902cfc794_JaffaCakes118
Size
135KB
MD5
fe11980e56b08539c2ae564902cfc794
SHA1
a98c83aad99d8927b7fe2eddc2b3f3e9e4645882
SHA256
53ac7d4fe5d9376093d9de8d680566571ce8a89ed3115b819b3fd8fe8d6ee0aa
SHA512
1cc3c736115d06c58965e3ba47ce14e849fdfc35ba1fc4c291384f6a3500baa3353ce828f990221bf1a02329c0c471eb0033216961209d1edc4123cebf120a9a
SSDEEP
3072:Bwplcdi9pudkAnKUnmKbPjRZYtX4hWlOoHWqmYxhEaK83:BwEdQKbPtZOXupoHZdxhp5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fe11980e56b08539c2ae564902cfc794_JaffaCakes118
Files
fe11980e56b08539c2ae564902cfc794_JaffaCakes118.exe windows:5 windows x86 arch:x86
5f73333d1679ccc245d181ce12a7abf7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
msvcrt
__set_app_type
towlower
_adjust_fdiv
_acmdln
_controlfp
strtol
_XcptFilter
__getmainargs
exit
__p__fmode
log10
_initterm
wcsstr
__setusermatherr
tolower
localtime
_except_handler3
__p__commode
kernel32
InterlockedIncrement
MultiByteToWideChar
GetCurrentDirectoryA
GetDriveTypeA
GetFileAttributesW
SetCurrentDirectoryA
WaitForSingleObject
EnumCalendarInfoA
GetModuleHandleA
GlobalHandle
VirtualProtect
GetModuleFileNameA
GetStartupInfoA
gdi32
Ellipse
Pie
CreateRectRgnIndirect
Chord
ExtEscape
ExcludeClipRect
OffsetWindowOrgEx
DeleteEnhMetaFile
AddFontResourceA
CreateICA
PatBlt
GetPixel
SetColorAdjustment
GetClipRgn
oleaut32
SafeArrayGetUBound
VariantInit
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayCreate
SafeArrayPutElement
SafeArrayRedim
GetActiveObject
SysReAllocStringLen
SetErrorInfo
SysStringByteLen
shell32
SHGetSpecialFolderPathA
SHGetDiskFreeSpaceExW
ExtractIconExW
DragFinish
SHGetSpecialFolderPathW
DoEnvironmentSubstW
SHChangeNotify
SHBrowseForFolderA
Shell_NotifyIconW
DragAcceptFiles
ExtractIconExA
SHGetFolderPathA
SHBindToParent
ShellExecuteW
ole32
StringFromIID
OleGetClipboard
CoCreateGuid
CoCreateInstance
user32
PostQuitMessage
InflateRect
ShowWindow
SetPropA
UpdateWindow
GetMenuItemCount
GetSubMenu
GetDC
AdjustWindowRectEx
SystemParametersInfoA
SendDlgItemMessageA
comctl32
ImageList_Add
ImageList_Draw
CreateStatusWindowA
ImageList_AddMasked
ImageList_LoadImageA
ImageList_DrawEx
CreatePropertySheetPageA
ImageList_SetIconSize
ImageList_Create
advapi32
RegEnumKeyExW
CryptHashData
LookupPrivilegeValueW
RegQueryInfoKeyA
GetTokenInformation
AddAccessAllowedAce
GetSecurityDescriptorDacl
RegCloseKey
version
VerLanguageNameA
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerFindFileW
Sections
.text Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 17KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 98KB - Virtual size: 97KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ