150fbbce81e8ef89b29f9d960ef51824_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

150fbbce81e8ef89b29f9d960ef51824_JaffaCakes118
Size

105KB
MD5

150fbbce81e8ef89b29f9d960ef51824
SHA1

4ef993668ea0e239fcc6eb2a68cfda4fc8cc78c1
SHA256

cd51074db0a015505cc1d7fc6ee1276e6fd78cb5241ccc42c015c63d68beff1c
SHA512

468afb43bb7cb9e7ee84020057dc8b0b41b834f6108108f52a7f26f5837fb96ae292f1741ea1ba07e80c3f24870df08fb85c270a9dffcf150a412165db68da4a
SSDEEP

3072:5JrowYYsdR/YueSqJP5nM4icNi4gNoYLUrVlfDfg2wP:HrjYY6GPnMNcNi4gNoVrVelP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
150fbbce81e8ef89b29f9d960ef51824_JaffaCakes118

Files

150fbbce81e8ef89b29f9d960ef51824_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34200a4373b322c0cf9f751dc84db8ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorA

msvcrt

atan
_except_handler3
_errno
_adjust_fdiv
__set_app_type
strstr
free
_exit
exit
malloc
__p__fmode
printf
_XcptFilter
getenv
calloc
__setusermatherr
wcslen
fprintf
__p__commode
_acmdln
_initterm
strcmp
__getmainargs

kernel32

ExitProcess
SetHandleCount
IsBadWritePtr
CreateFileMappingA
GetCommandLineA
GetLastError
SystemTimeToFileTime
GetStartupInfoA
GetVersionExW

oleaut32

VariantCopy
SafeArrayGetUBound
SysReAllocStringLen
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayRedim
SafeArrayPtrOfIndex
SysStringByteLen
SysAllocStringByteLen
VariantInit

ole32

IsEqualGUID
OleIsCurrentClipboard
IIDFromString
OleDraw
StgOpenStorage

advapi32

RegQueryInfoKeyA
RegEnumKeyA
SetSecurityDescriptorOwner
RegQueryInfoKeyW
CopySid
RegOpenKeyA
AddAccessAllowedAce

shell32

ShellExecuteExA
Shell_NotifyIconA
ShellExecuteW
ExtractIconA
SHGetPathFromIDListA
SHGetFolderLocation
SHGetDesktopFolder

gdi32

GetWindowExtEx
SetWinMetaFileBits
GetEnhMetaFileHeader
EndPage

user32

GetWindowRect
SetClassLongA
MessageBeep
SetScrollPos

comctl32

PropertySheetA
InitializeFlatSB
InitCommonControlsEx

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34200a4373b322c0cf9f751dc84db8ba

Headers

File Characteristics

Imports

comdlg32

msvcrt

kernel32

oleaut32

ole32

advapi32

shell32

gdi32

user32

comctl32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 63KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 63KB

.rsrc
Size: 29KB - Virtual size: 29KB