Static task: static1
Behavioral task: behavioral1
  Sample: 1350db75de0781e3337bd4333348c4db_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 1350db75de0781e3337bd4333348c4db_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: 1350db75de0781e3337bd4333348c4db_JaffaCakes118
Size: 137KB
MD5: 1350db75de0781e3337bd4333348c4db
SHA1: 524b92146bb629b692aae638146cde903f408132
SHA256: b8614a235aa989e37bae79e7eeb783e2bfe87d589a26db83b6c4c7b43f3a4c3e
SHA512: 6dd6cc2b53838bdba078416d66c3b1a2c17156469389d65c5f6435ecda002482752cc63b947961b07a328a846aa0d476790946350f1633a812562ab17ec4d703
SSDEEP: 3072:XVs97KcIkUq+NObDWgQ6Vix7F8hauqe7pC:Fs9KLT5NObqg9Es3qe
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1350db75de0781e3337bd4333348c4db_JaffaCakes118
Files
1350db75de0781e3337bd4333348c4db_JaffaCakes118.exe windows:4 windows x86 arch:x86
a7c7619e39a7fa1749b3a0228752a6db
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE, IMAGE_FILE_DEBUG_STRIPPED
Imports
user32: SetWindowPos, UnhookWindowsHookEx, FrameRect, PostQuitMessage, GetScrollPos, EqualRect, SetWindowTextA, GetSysColor, GetMessageA, GetSysColorBrush, EnableMenuItem, GetSubMenu, EnumWindows
kernel32: QueryPerformanceCounter, GetThreadLocale, GetOEMCP, GetACP, FileTimeToSystemTime, GetStartupInfoA, GetCurrentProcessId, GetTickCount, ExitProcess, GetFileAttributesA, VirtualAllocEx, SetUnhandledExceptionFilter, InterlockedExchange, GetTempPathA, GetSystemTime, GetTimeZoneInformation, RtlUnwind
gdi32: FillRgn, CopyEnhMetaFileA, SelectClipPath, SetViewportExtEx, ExcludeClipRect, GetMapMode, CreateICW, CreateCompatibleBitmap, DPtoLP
ole32: StringFromGUID2, CoCreateInstance, CoTaskMemRealloc, DoDragDrop, CoInitializeSecurity, StgOpenStorage, OleRun, CoRevokeClassObject, CoInitialize
advapi32: RegQueryValueExW, FreeSid, AdjustTokenPrivileges, CryptHashData, GetUserNameA, RegCreateKeyExW, GetSecurityDescriptorDacl, QueryServiceStatus, RegCreateKeyA, CheckTokenMembership
msvcrt: fprintf, raise, __getmainargs, _CIpow, fflush, _fdopen, strcspn, strncpy, iswspace, __initenv, _strdup, strlen, _mbscmp, signal, _lock, __setusermatherr, _flsbuf, puts
comctl32: ImageList_Write, InitCommonControls, ImageList_LoadImageA, ImageList_SetIconSize, ImageList_DragEnter, CreatePropertySheetPageA, ImageList_GetIconSize, ImageList_DrawEx, ImageList_GetIcon, ImageList_LoadImageW, ImageList_ReplaceIcon, ImageList_Destroy, ImageList_GetBkColor
shell32: DragQueryFileW, CommandLineToArgvW, DoEnvironmentSubstW, ExtractIconW, ExtractIconExW, DragQueryFileA, DragAcceptFiles, SHBrowseForFolderA, ShellExecuteEx, SHGetPathFromIDList, ShellExecuteW
oleaut32: SafeArrayGetUBound, SafeArrayCreate, SafeArrayUnaccessData, SafeArrayPutElement, SafeArrayRedim, SafeArrayPtrOfIndex, SysReAllocStringLen, VariantCopy
Sections
.text - Size: 34KB - Virtual size: 33KB - IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.data - Size: 41KB - Virtual size: 41KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc - Size: 61KB - Virtual size: 62KB - IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE