082dff71ff81a59bff49839cbb08f72c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

082dff71ff81a59bff49839cbb08f72c_JaffaCakes118
Size

77KB
MD5

082dff71ff81a59bff49839cbb08f72c
SHA1

778df073235dbe504f3c72b6fd5b54de7597812c
SHA256

8e33f32715f796f0c2e65d8a89e13884277e0da3025ace64294b6204cb3be124
SHA512

e0e864e20ddcde9981966a381fb6f240ed122af1d1042feebd9c376f96d38d3100ebb3f82186f1184979f6e86fd46eb44bdd14cfbc15d92484d3d4a3349db4cc
SSDEEP

1536:Md1n3gWmMYtQ8NvVaZmEcLd9ovIO4V8SzdSVIQJO9etGWEPfHMYgACbuPJ:Md1Lw5vIZcfFnHzdS1JOR/IA8uR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
082dff71ff81a59bff49839cbb08f72c_JaffaCakes118

Files

082dff71ff81a59bff49839cbb08f72c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cec542f41551176495a98e96611c132e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
IsBadReadPtr
OutputDebugStringA
GetCommandLineW
GetVersionExA
LCMapStringW
TerminateProcess
GetSystemDefaultLCID
GlobalAlloc
VirtualAlloc
GetOEMCP
InterlockedCompareExchange
GlobalHandle
GetModuleHandleW
GetDiskFreeSpaceA
VirtualProtectEx
SetFilePointer
FlushFileBuffers
GetCommandLineA
GetProcAddress
GetTickCount
InterlockedDecrement

msvcrt

__setusermatherr
__p__fmode
__dllonexit
__p__commode
free
__set_app_type
_controlfp
_strnicmp
_stricmp
calloc
_XcptFilter
memset
memcpy
__p___initenv
_except_handler3
_initterm
fputs
strncpy
_exit
signal
fputc
fclose
__getmainargs
_adjust_fdiv
_iob

user32

LoadBitmapA
CharLowerA
SetTimer
MessageBoxA
GetTopWindow
RegisterWindowMessageA
LoadIconA
GetCursorPos
IsDialogMessageA
BeginPaint
SetCursor
SetWindowPlacement
RegisterClipboardFormatA
GetWindowTextA

gdi32

PtInRegion
SetDIBitsToDevice
GetTextExtentPointW
CreateRectRgnIndirect
CreatePen
IntersectClipRect
SetStretchBltMode
OffsetClipRgn
LineTo
SetBrushOrgEx
DeleteDC
CreatePolygonRgn
PatBlt
SetMapperFlags
EnumFontsA
GetViewportExtEx
SetWindowExtEx
CreateFontIndirectW

comctl32

ImageList_GetImageCount
InitCommonControlsEx
PropertySheetA
CreateToolbarEx
PropertySheetW
CreateStatusWindowA
ImageList_GetIcon
DestroyPropertySheetPage
ImageList_Create
ImageList_Read
ImageList_Remove
ImageList_AddMasked

advapi32

RegQueryValueA
OpenSCManagerA
RegFlushKey
RegQueryValueExW
DeregisterEventSource
CryptDestroyHash
OpenServiceA
RegCreateKeyA
RegEnumKeyExW
RegOpenKeyW
OpenProcessToken
RevertToSelf
LookupPrivilegeValueW

ole32

CoInitializeSecurity
CLSIDFromString
CoTaskMemRealloc
CoRegisterClassObject
ProgIDFromCLSID
CoGetClassObject
OleUninitialize
CoRevokeClassObject
CoGetInterfaceAndReleaseStream
OleGetClipboard
OleInitialize
StgOpenStorageOnILockBytes

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cec542f41551176495a98e96611c132e

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

comctl32

advapi32

ole32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 60KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 60KB

.rsrc
Size: 5KB - Virtual size: 5KB