140a52c4babb34fa45f1e546620b68db_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

140a52c4babb34fa45f1e546620b68db_JaffaCakes118
Size

84KB
MD5

140a52c4babb34fa45f1e546620b68db
SHA1

6a2a10eb6fc5de248ebe27ed2fff9fcbe3a201fe
SHA256

2f1da4cc98ba6f28c1e03522224a68c8e02704b7ec3970487fa97b8f69ee48de
SHA512

984e287f9e2c1d49d03897edaf57cd96278ec42f54edd806849900e33e932858e53abf4360c1f5e025fdf88cbcd8501d9721e419d382f5f889f0bcb0087c48d6
SSDEEP

1536:yXri7mKMnORRlaH0500aCM6E+JQegVkjUskJhYxHX+zF6R7hdKL3VpytM7bMu/DL:B6pw/aHy00aC/lJQegSA5Hh6lhdkVMtE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
140a52c4babb34fa45f1e546620b68db_JaffaCakes118

Files

140a52c4babb34fa45f1e546620b68db_JaffaCakes118
.exe windows:5 windows x86 arch:x86

20a353a2ca47b6e102bc011bef49a15e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__getmainargs
_strnicmp
strrchr
_iob
_except_handler3
free
exit
__set_app_type
signal
_stricmp
memcpy
fread
_initterm
calloc
_acmdln
__p__environ
__p__commode
__setusermatherr
_exit
sqrt
_adjust_fdiv
__p__fmode
__dllonexit

kernel32

WriteFile
lstrlenW
GetTickCount
ReadFile
SetErrorMode
WritePrivateProfileStringA
TerminateProcess
GetStringTypeA
GetModuleHandleW
GetFileType
GetStartupInfoA
MulDiv
FreeLibrary

user32

SetWindowLongA
CallNextHookEx
EqualRect
UnregisterClassA
IsZoomed
SetClipboardData
DrawIcon
ReleaseCapture

advapi32

LookupPrivilegeValueW
RegOpenKeyW
SetSecurityDescriptorDacl
CryptReleaseContext
RegOpenKeyA
RegCreateKeyA
GetLengthSid
RegCreateKeyExA
RegSetValueExW
OpenServiceW
GetUserNameA
RegQueryValueExW
SetSecurityDescriptorOwner

oleaut32

SafeArrayRedim
SysFreeString
SafeArrayCreate
VariantInit
SafeArrayGetElement
SysAllocStringByteLen
VariantCopy
LoadTypeLib
GetActiveObject

gdi32

FrameRgn
GetCharWidthA
Chord
Polygon
GetMetaFileBitsEx
PlayMetaFile
ExtCreateRegion
CreatePolygonRgn

comctl32

ImageList_GetImageInfo
ImageList_BeginDrag
ImageList_SetOverlayImage
ImageList_GetIcon
ImageList_SetBkColor
ImageList_EndDrag
ImageList_Replace
ImageList_SetIconSize
PropertySheetW
ImageList_Create
InitCommonControlsEx
ImageList_DragEnter
ImageList_GetBkColor
CreateStatusWindowA
ImageList_GetIconSize
ImageList_AddMasked

ole32

StringFromCLSID
CoCreateGuid
RevokeDragDrop
RegisterDragDrop
CoLoadLibrary
StgOpenStorage
ProgIDFromCLSID
DoDragDrop
OleDraw
StgOpenStorageOnILockBytes

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20a353a2ca47b6e102bc011bef49a15e

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

oleaut32

gdi32

comctl32

ole32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 58KB - Virtual size: 58KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 58KB - Virtual size: 58KB

.rsrc
Size: 3KB - Virtual size: 2KB