Static task: static1
Behavioral task: behavioral1
Sample: fe65d0177dc8c11d9b72b939a6004c82_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: fe65d0177dc8c11d9b72b939a6004c82_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: fe65d0177dc8c11d9b72b939a6004c82_JaffaCakes118
Size: 79KB
MD5: fe65d0177dc8c11d9b72b939a6004c82
SHA1: 8bb83ef3e9a5dc3632c8cab3e82202a10dcc54a0
SHA256: c2a32e452b5f9e46cece7d091948a246db859f85f671dfe2aaa74ad5d5f83e50
SHA512: 2c74d7cd43e7a5490e399249dadc900353d409c1da7ee399c15371e643db3bed197611e699ebfe3ffdc7ff866b59db9357dca16266a40b2840da8e1e9bdf672c
SSDEEP: 1536:FpVOZaty2rhUciOfT3LifOeLWq7ZKLG35UuOK5+dae7vVnlaVtYGhj72OyQ6r0i8:FkatJiGMOeXcy35Uub5+dvZUjYGIQ6Ip
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: fe65d0177dc8c11d9b72b939a6004c82_JaffaCakes118
Files
fe65d0177dc8c11d9b72b939a6004c82_JaffaCakes118.exe windows:4 windows x86 arch:x86
e58d8ee2e6e9163a6870d53c1fc71dde
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
PostQuitMessage
EnableMenuItem
FrameRect
GetSysColor
SetWindowPos
GetScrollPos
EnumWindows
GetMessageA
SetWindowTextA
GetSubMenu
UnhookWindowsHookEx
EqualRect
GetSysColorBrush
kernel32
GetTimeZoneInformation
RtlUnwind
GetSystemTime
GetStartupInfoA
GetThreadLocale
GetTempPathA
SetUnhandledExceptionFilter
VirtualAllocEx
GetACP
FileTimeToSystemTime
GetCurrentProcessId
ExitProcess
GetTickCount
InterlockedExchange
GetFileAttributesA
gdi32
SelectClipPath
CreateICW
CreateCompatibleBitmap
ExcludeClipRect
DPtoLP
FillRgn
CopyEnhMetaFileA
SetViewportExtEx
GetMapMode
ole32
CoInitializeSecurity
CoTaskMemRealloc
CoRevokeClassObject
StgOpenStorage
DoDragDrop
CoInitialize
OleRun
StringFromGUID2
CoCreateInstance
advapi32
FreeSid
RegQueryValueExW
CheckTokenMembership
GetUserNameA
CryptHashData
GetSecurityDescriptorDacl
RegCreateKeyA
AdjustTokenPrivileges
RegCreateKeyExW
QueryServiceStatus
msvcrt
_flsbuf
iswspace
_CIpow
_strdup
_mbscmp
signal
__initenv
raise
_fdopen
_lock
strncpy
puts
fprintf
strlen
__setusermatherr
fflush
strcspn
__getmainargs
comctl32
ImageList_GetBkColor
InitCommonControls
CreatePropertySheetPageA
ImageList_DrawEx
ImageList_Write
ImageList_GetIcon
ImageList_DragEnter
ImageList_ReplaceIcon
ImageList_LoadImageA
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_LoadImageW
ImageList_Destroy
shell32
ExtractIconW
DoEnvironmentSubstW
DragQueryFileW
ShellExecuteW
DragQueryFileA
SHBrowseForFolderA
DragAcceptFiles
ExtractIconExW
CommandLineToArgvW
ShellExecuteEx
SHGetPathFromIDList
oleaut32
SafeArrayCreate
SysReAllocStringLen
SafeArrayGetUBound
VariantCopy
SafeArrayRedim
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayPtrOfIndex
Sections
.text Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE