09e9bb072a2f45d8f6fbbf3f4e4d2107_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

09e9bb072a2f45d8f6fbbf3f4e4d2107_JaffaCakes118
Size

94KB
MD5

09e9bb072a2f45d8f6fbbf3f4e4d2107
SHA1

1b6fbfb679095847dad6a706575156ce93ecc25d
SHA256

7b17e52fee397b4acf5210242999237d5b01d09f005677046a2ce974063c378e
SHA512

2ed800a943303a88cb9864e57b0e26e0e9a9b1ca9d406d13e1776076bacd15a0acbdf990fce22ba92930e5a18e5374a7ea3c4cbf1b464aa7a0486b532fbaeca9
SSDEEP

1536:mlKf0fBS7wgyFQUGnZKC89MmOsLhOgLaQkbcNfKoAR5o9jEcJgxEC:rMUuRG2ssLhOgL+gh0eg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09e9bb072a2f45d8f6fbbf3f4e4d2107_JaffaCakes118

Files

09e9bb072a2f45d8f6fbbf3f4e4d2107_JaffaCakes118
.exe windows:5 windows x86 arch:x86

727321b7178c841e0582eabea2da9a2a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetUserDefaultLCID
DisableThreadLibraryCalls
GetOEMCP
GetCurrentProcess
GetACP
FindClose
DuplicateHandle
GetVersion
ExitProcess
QueryPerformanceCounter
OpenProcess
GetTickCount
WritePrivateProfileStringA
GetCPInfo
IsBadCodePtr
IsValidCodePage
GetCurrentDirectoryA
GetSystemTime
VirtualAllocEx
Sleep
UnhandledExceptionFilter
GlobalFree
GetDateFormatA
DeleteFileW
GetStringTypeA

shell32

DragAcceptFiles
SHGetPathFromIDList
ShellExecuteA
SHGetPathFromIDListW
SHGetDesktopFolder
ExtractIconExA
DragFinish
ShellExecuteW

advapi32

CryptGenRandom
RegSetValueExA
RegDeleteKeyA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
CopySid
AddAccessAllowedAce
RegEnumValueW

msvcrt

malloc
calloc
strlen
_getch
iswspace
vsprintf
strcspn
puts
localeconv

comctl32

InitCommonControls
CreatePropertySheetPageA
CreateStatusWindowA
ImageList_DrawEx
ImageList_SetIconSize
ImageList_Create
ImageList_SetImageCount
ImageList_GetIcon
DestroyPropertySheetPage

gdi32

GetBkMode
SetViewportExtEx
CreateBrushIndirect
PolyDraw
SetROP2
CreateRectRgn
CreateRoundRectRgn
GetOutlineTextMetricsA
SetViewportOrgEx
PlayMetaFileRecord
GetViewportExtEx
Escape
CreateDCW
GetCharWidthA
GetTextFaceW
CreateEnhMetaFileA
SetBrushOrgEx
TextOutA

user32

GetSysColor
wsprintfA
SetWindowTextA
GetWindowRect
SendDlgItemMessageA
EndPaint
UpdateWindow
ShowCursor

oleaut32

SafeArrayCreate
SysStringByteLen
SafeArrayGetElement
SysReAllocStringLen
VariantInit
SafeArrayPtrOfIndex
SetErrorInfo
LoadTypeLib
GetActiveObject
SysFreeString

ole32

StringFromCLSID
DoDragDrop
StgOpenStorageOnILockBytes
CreateStreamOnHGlobal
CoRegisterMessageFilter
StgOpenStorage
CoGetInterfaceAndReleaseStream
CoCreateInstance

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

727321b7178c841e0582eabea2da9a2a

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

msvcrt

comctl32

gdi32

user32

oleaut32

ole32

Sections

.text Size: 49KB - Virtual size: 48KB

.data Size: 30KB - Virtual size: 29KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 49KB - Virtual size: 48KB

.data
Size: 30KB - Virtual size: 29KB

.rsrc
Size: 14KB - Virtual size: 13KB