10eb48a10aee231811d5a0e523dfff51_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

10eb48a10aee231811d5a0e523dfff51_JaffaCakes118
Size

132KB
MD5

10eb48a10aee231811d5a0e523dfff51
SHA1

7d067b31d3953000f6ae6423797b0b86faa6dbf7
SHA256

7c4484f3376c6f7f985566e6fa146222381615eb4b7208eda380269f25f4f1e0
SHA512

0895a1bde3498df6d9edf7cbc0580191e680fe4201148a14e849684c5309497852107aa4ad660337cf0296022218df82b754aa5d1f2acfdcc4d9bcaa50af1136
SSDEEP

3072:UrC3BI/evBMZZQuf6XmFnZVZvwLmhm/pgsO3LZ+zR:JHif6WFVcAmzO3Qz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10eb48a10aee231811d5a0e523dfff51_JaffaCakes118

Files

10eb48a10aee231811d5a0e523dfff51_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0766d67282b34f5c1ea4df9fcdd53348

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

wcstol
__getmainargs
memset
_setjmp
__set_app_type
__setusermatherr
_close
_controlfp
_initterm
__p__fmode
_acmdln
__p__commode
_utime
_open_osfhandle
_beginthreadex
_except_handler3
_adjust_fdiv
exit
_XcptFilter
log
_CIpow

kernel32

GetSystemDefaultLCID
GetFullPathNameA
GetPrivateProfileStringA
GetModuleHandleA
GlobalUnlock
GetStartupInfoA
VirtualProtect

gdi32

CreatePen
GetSystemPaletteEntries
SetBrushOrgEx
PolyDraw
CreateRectRgn
SetBkMode
Polyline
ExtFloodFill
ExtTextOutA
GetStockObject
DeleteEnhMetaFile

oleaut32

SysReAllocStringLen
VariantClear
GetActiveObject
SysFreeString
SafeArrayRedim
SysStringByteLen
SafeArrayPtrOfIndex
VariantCopyInd
SafeArrayPutElement
VariantInit

advapi32

QueryServiceStatus
GetUserNameA
RegQueryInfoKeyW
LookupPrivilegeValueW
RegEnumKeyExW
SetSecurityDescriptorGroup
OpenSCManagerW
AddAccessAllowedAce
ControlService
InitiateSystemShutdownA
CheckTokenMembership
GetLengthSid

shell32

ExtractIconExA
DragQueryFileW
SHFileOperationA
SHAddToRecentDocs
SHGetSpecialFolderLocation
SHGetSettings
SHFileOperationW
DragQueryFile
SHGetFileInfo
ShellExecuteA
SHBindToParent

version

VerFindFileW
VerQueryValueW
VerLanguageNameA
VerInstallFileA
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW

ole32

CoTaskMemFree
CoCreateGuid
IsEqualGUID
CreateBindCtx
OleDraw
StgOpenStorage
OleRun

user32

ShowWindow
SetScrollRange
TranslateMessage
SetWindowsHookExA
EndDialog
SetScrollInfo
IsChild
LoadCursorA
GetMenuState
GetClassNameA
GetMenuStringA
RemoveMenu

comctl32

InitializeFlatSB
PropertySheetA
CreatePropertySheetPageW
ImageList_GetIconSize
ImageList_GetImageCount
InitCommonControlsEx
ImageList_Replace
ImageList_DragShowNolock
ImageList_GetBkColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0766d67282b34f5c1ea4df9fcdd53348

Headers

File Characteristics

Imports

msvcrt

kernel32

gdi32

oleaut32

advapi32

shell32

version

ole32

user32

comctl32

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 17KB - Virtual size: 41KB

.rsrc Size: 95KB - Virtual size: 95KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 17KB - Virtual size: 41KB

.rsrc
Size: 95KB - Virtual size: 95KB