1220ce973d9020dc3cd2aee49d70b59a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1220ce973d9020dc3cd2aee49d70b59a_JaffaCakes118
Size

105KB
MD5

1220ce973d9020dc3cd2aee49d70b59a
SHA1

e1dbf8036d1565b405e4822a8327ba0d758e4917
SHA256

ebd14e2d5ee0b7d8c74c8e242c9bcc91ed1b97b7027338e65d4a090f3e309580
SHA512

04316ca303f381959369a5a7eb74965a1f67e95b6a55bc1879863a9cef9e08868f21e260f373d44e6ada2ed9ab68d1217eaaedc60977d11938f97e0a499c67bd
SSDEEP

3072:s7Nj5aiDZ2AxwZBP683Rp1/EqIAiITpXNm+:ij5aiDMXZBl1/cDITm+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1220ce973d9020dc3cd2aee49d70b59a_JaffaCakes118

Files

1220ce973d9020dc3cd2aee49d70b59a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

98b9d2fc728025c6706c50a5575f8a61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

sprintf
_XcptFilter
_setmode
__p__fmode
free
printf
strcmp
__getmainargs
__setusermatherr
_except_handler3
_adjust_fdiv
_initterm
exit
_vsnprintf
calloc
strchr
strrchr
_exit
_snprintf
__p__commode
__set_app_type
getenv
sinh
fopen
fread
_acmdln

kernel32

GetProfileIntA
SetEvent
GetCPInfo
FormatMessageA
GetModuleFileNameW
CreateProcessA
lstrcpyA
lstrcatA
GetProfileStringA
GetCurrentThread
OutputDebugStringA
GetDriveTypeA
GetStringTypeW
QueryPerformanceCounter
GetDateFormatA
CreateEventA
GetStartupInfoA
MulDiv

user32

LoadCursorA
GetScrollInfo
GetWindowPlacement
SetScrollPos
SetForegroundWindow
GetDlgItem
DestroyIcon
ReleaseCapture
TranslateMessage
SendDlgItemMessageA
GetIconInfo
SetActiveWindow
GetActiveWindow
SetMenu

advapi32

RegCloseKey
RevertToSelf
RegCreateKeyExA
RegEnumValueA
OpenSCManagerA
RegEnumKeyA
RegDeleteValueW
RegQueryValueA
RegOpenKeyA
AdjustTokenPrivileges
CryptDestroyHash
RegQueryValueExA
SetSecurityDescriptorOwner
OpenProcessToken

oleaut32

SysAllocStringLen
SysReAllocStringLen
SafeArrayCreate
LoadTypeLib
SafeArrayGetElement
VariantClear

comctl32

ImageList_Read
CreateToolbarEx
InitializeFlatSB
ImageList_SetBkColor
ImageList_DragEnter
ImageList_EndDrag
CreatePropertySheetPageA
CreateStatusWindowA

shell32

SHAddToRecentDocs
ExtractIconExA
SHGetPathFromIDListA
Shell_NotifyIconA
SHGetDesktopFolder
SHGetSpecialFolderPathW
SHGetFolderPathA
SHGetFolderPathW
SHCreateDirectoryExA
SHBrowseForFolderW
DragFinish
SHBrowseForFolder

ole32

CreateBindCtx
IsEqualGUID
CoLoadLibrary
OleUninitialize
StringFromIID
OleGetClipboard
StgOpenStorageOnILockBytes
OleFlushClipboard

gdi32

ExtFloodFill
EnumFontFamiliesExA
CreateRectRgn
InvertRgn
SetWindowOrgEx
SetTextColor
GetEnhMetaFilePaletteEntries
StrokeAndFillPath
SetWindowExtEx
SetROP2
DeleteObject
GetWindowExtEx
EnumMetaFile

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98b9d2fc728025c6706c50a5575f8a61

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

oleaut32

comctl32

shell32

ole32

gdi32

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 38KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 38KB

.rsrc
Size: 25KB - Virtual size: 25KB