Static task: static1
Behavioral task: behavioral1
Sample: ff22ac5ecbcaa8cdc907a6e3339e29b3_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ff22ac5ecbcaa8cdc907a6e3339e29b3_JaffaCakes118.exe
Resource: win10v2004-20240910-en
General
Target: ff22ac5ecbcaa8cdc907a6e3339e29b3_JaffaCakes118
Size: 157KB
MD5: ff22ac5ecbcaa8cdc907a6e3339e29b3
SHA1: ad70f96e81f413628adbf00a964e70bbede2766c
SHA256: bcbedc5b6c8472fd60d0efc097a876f9f4bb9373a5fd2ed61e24a015d3ab588d
SHA512: 49981315a83b3611a0a7e779e6fda713b0f62fbfa68684eb1608847d0c177ea58563528d1d9da4eec88e47b66debb7a1e2506f3a6832e5234574c275f95ab3c5
SSDEEP: 3072:D9CW31TFuM33YWJclUxfxsSd5p+N3RX8SGT6PB11WMn4a/xGUG+MIoGEd:Dj3tFuMxJclUbsSdH+3XLGkB11TFx3Md
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ff22ac5ecbcaa8cdc907a6e3339e29b3_JaffaCakes118
Files
ff22ac5ecbcaa8cdc907a6e3339e29b3_JaffaCakes118.exe windows:4 windows x86 arch:x86
8cd71ecc18643fd37137a4d3023ddfa8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
UnhookWindowsHookEx
GetScrollPos
GetSysColorBrush
SetWindowTextA
SetWindowPos
FrameRect
PostQuitMessage
GetSubMenu
EnableMenuItem
GetMessageA
EqualRect
GetSysColor
EnumWindows
kernel32
GetTimeZoneInformation
SetUnhandledExceptionFilter
GetTempPathA
GetSystemTime
GetFileAttributesA
GetCurrentProcessId
GetOEMCP
InterlockedExchange
GetTickCount
FileTimeToSystemTime
VirtualAllocEx
GetStartupInfoA
GetThreadLocale
RtlUnwind
ExitProcess
gdi32
GetMapMode
CreateICW
SelectClipPath
DPtoLP
SetViewportExtEx
ExcludeClipRect
CreateCompatibleBitmap
CopyEnhMetaFileA
FillRgn
ole32
StgOpenStorage
CoInitialize
CoRevokeClassObject
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
DoDragDrop
CoInitializeSecurity
OleRun
advapi32
GetSecurityDescriptorDacl
CryptHashData
GetUserNameA
FreeSid
RegCreateKeyA
QueryServiceStatus
AdjustTokenPrivileges
RegQueryValueExW
RegCreateKeyExW
CheckTokenMembership
msvcrt
_flsbuf
puts
strncpy
raise
__setusermatherr
__initenv
_strdup
fprintf
_CIpow
iswspace
signal
_lock
strcspn
fflush
__getmainargs
_fdopen
strlen
_mbscmp
comctl32
ImageList_ReplaceIcon
CreatePropertySheetPageA
InitCommonControls
ImageList_GetIcon
ImageList_Write
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_SetIconSize
ImageList_Destroy
ImageList_GetBkColor
ImageList_DrawEx
ImageList_GetIconSize
ImageList_DragEnter
shell32
DragQueryFileW
ShellExecuteEx
ExtractIconExW
ExtractIconW
SHGetPathFromIDList
DragQueryFileA
DragAcceptFiles
SHBrowseForFolderA
CommandLineToArgvW
ShellExecuteW
DoEnvironmentSubstW
oleaut32
SafeArrayRedim
VariantCopy
SafeArrayPutElement
SysReAllocStringLen
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayCreate
SafeArrayPtrOfIndex
Sections
.text Size: 37KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 45KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ