03e5e1329dd5fecf7acb86185bcf861c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

03e5e1329dd5fecf7acb86185bcf861c_JaffaCakes118
Size

81KB
MD5

03e5e1329dd5fecf7acb86185bcf861c
SHA1

c1f8cd3e5c373c93ca91912445acfc9ec2aabb04
SHA256

eadfb53bcdf238c2e30747a6872a0fb11c25ff0c19426f09b6e3d64e15c34988
SHA512

4ddc61701cf4eb6867dc1bf447746e4d881b7608d79832db0b7bbaa5ccaf30e555e5d765c44bc14538de3f2714fd9df4c0cfb2e48b316e6956337dd55f14f566
SSDEEP

1536:ESNi81eJFP1XzwVIce1dOs9IK/i5TJLtKRKdWIYTnInXvMN3LREbo:PNi8E/1kVIceOshi5rEaYzIoVE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03e5e1329dd5fecf7acb86185bcf861c_JaffaCakes118

Files

03e5e1329dd5fecf7acb86185bcf861c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fdd06c6cb1508bc3df23d6a3efc39a7d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memmove
acos
memcpy
strncmp

ole32

CLSIDFromString
PropVariantClear
CoDisconnectObject

oleaut32

SysReAllocStringLen
SysStringLen
SafeArrayGetElement
SysFreeString
SafeArrayUnaccessData
SafeArrayCreate
SafeArrayGetUBound
VariantChangeType
SafeArrayPtrOfIndex

gdi32

GetPixel
SaveDC
SetTextColor
CreateBrushIndirect
CreatePenIndirect
GetDIBColorTable
CreateCompatibleBitmap
SetBkMode

version

GetFileVersionInfoSizeA
VerInstallFileA
VerQueryValueA

user32

GetMenuItemCount
GetScrollPos
EndPaint
CheckMenuItem
DispatchMessageA
GetClassInfoA
GetDesktopWindow
IsMenu
GetIconInfo
GetDC
GetForegroundWindow
CreatePopupMenu
GetFocus
CreateIcon
GetDlgItem
RegisterClassA
GetClassLongA
ShowScrollBar
CreateMenu
GetDCEx
GetClientRect
GetCapture
CreateWindowExA
GetActiveWindow
DeferWindowPos
GetCursor
DefFrameProcA
GetCursorPos
HideCaret
EnableWindow
IsWindowVisible
SystemParametersInfoA
GetKeyNameTextA
GetClipboardData

comctl32

ImageList_Remove
ImageList_GetBkColor
ImageList_Draw
ImageList_Destroy
ImageList_Add
ImageList_Read
ImageList_Write

kernel32

ResetEvent
LoadLibraryExA
lstrcpyA
GetACP
ExitThread
GlobalFindAtomA
GetDiskFreeSpaceA
InitializeCriticalSection
GetFileAttributesA
DeleteCriticalSection
SetLastError
RaiseException
VirtualAlloc
WaitForSingleObject
LocalFree
LoadLibraryA
lstrcatA
MoveFileExA
GetSystemDefaultLangID
GetModuleHandleA
VirtualQuery
GetModuleFileNameA
GetVersionExA
FindFirstFileA
MoveFileA
GetCurrentThread
GetLastError
MulDiv
FindResourceA
GetFullPathNameA
GetCurrentThreadId
HeapAlloc
CloseHandle
WideCharToMultiByte
DeleteFileA
GetCommandLineA
SizeofResource
lstrcmpiA
HeapFree
GetUserDefaultLCID
ExitProcess
GetTickCount
FormatMessageA
SetFilePointer
GetCPInfo
GetProcAddress
SetHandleCount
LocalReAlloc
LoadResource
CreateThread
FindClose
GetCurrentProcessId
EnterCriticalSection
EnumCalendarInfoA
GetVersion
GetDateFormatA
LockResource
lstrcmpA
LocalAlloc
lstrcpynA
VirtualAllocEx
SetErrorMode

Sections

CODE
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 512B - Virtual size: 33B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fdd06c6cb1508bc3df23d6a3efc39a7d

Headers

File Characteristics

Imports

msvcrt

ole32

oleaut32

gdi32

version

user32

comctl32

kernel32

Sections

CODE Size: 35KB - Virtual size: 34KB

.edata Size: 42KB - Virtual size: 41KB

.init Size: 512B - Virtual size: 33B

.rdata Size: 1KB - Virtual size: 33KB

.bss Size: 1024B - Virtual size: 628B

CODE
Size: 35KB - Virtual size: 34KB

.edata
Size: 42KB - Virtual size: 41KB

.init
Size: 512B - Virtual size: 33B

.rdata
Size: 1KB - Virtual size: 33KB

.bss
Size: 1024B - Virtual size: 628B