14f7908ec9258ec03695a0c91aa9c246_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14f7908ec9258ec03695a0c91aa9c246_JaffaCakes118
Size

97KB
MD5

14f7908ec9258ec03695a0c91aa9c246
SHA1

0a498c253ce6a4e94fbe9a1aec524833bf9106af
SHA256

a89886249107817781338e7bfd96d207ca0df7e2f0278b306931f195689a8140
SHA512

83fba83fe79497b09d26a5019558504b390da6df29d33a9599e721c57e06106ff46a09ab7e1d61fa4ea5558a75f41b716e2436eaf425021f2d7c6c3021c1845b
SSDEEP

3072:Cdi2bkfyYfB8l9cIBN2vcStytlxkz29o:ClQxWBkvmzxkzY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14f7908ec9258ec03695a0c91aa9c246_JaffaCakes118

Files

14f7908ec9258ec03695a0c91aa9c246_JaffaCakes118
.exe windows:4 windows x86 arch:x86

efd0a9ca8a6f31204ee9956ef36717d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcslen
_adjust_fdiv
_XcptFilter
fwrite
_acmdln
fclose
__p__fmode
strcmp
fprintf
strlen
remove
strcpy
free
__p__commode
_onexit
__set_app_type
_setmode
fseek
_exit
_initterm
strncpy
fopen
__p__environ
malloc
fflush
__setusermatherr
fread
printf
__getmainargs
_iob
_except_handler3
exit

kernel32

FreeEnvironmentStringsW
GetVersionExW
GetTempPathW
LocalAlloc
LoadLibraryA
GetModuleHandleW
GetProcAddress
IsDBCSLeadByte
GlobalReAlloc
GetTempPathA
MoveFileA

shell32

SHBindToParent
SHGetSettings
SHGetSpecialFolderPathA
ShellExecuteW
SHCreateDirectoryExW
ShellExecuteExW
DragAcceptFiles
SHChangeNotify
SHGetFolderPathW
ExtractIconW
SHGetDiskFreeSpaceExW

ole32

CoInitialize
CoFreeUnusedLibraries
ProgIDFromCLSID
IIDFromString
CoInitializeEx
CoCreateInstance
OleDraw
StringFromIID
CoCreateGuid
OleRun
RevokeDragDrop
CoGetClassObject
CoTaskMemRealloc

comctl32

ImageList_Replace
ImageList_GetIcon
ImageList_SetBkColor
ImageList_DrawEx
ImageList_DragEnter
InitCommonControlsEx
ImageList_Destroy
ImageList_GetIconSize
ImageList_Add
ImageList_DragLeave

gdi32

OffsetWindowOrgEx
SaveDC
GetEnhMetaFileHeader
SetMapMode
TextOutA
LineTo
EndPath
GetMetaFileBitsEx
MoveToEx
GetTextAlign
PatBlt

oleaut32

SysStringLen
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetUBound
VariantInit
SysStringByteLen

advapi32

InitializeSecurityDescriptor
GetTokenInformation
RegSetValueExA
CryptDestroyHash
RegQueryValueExW
RegQueryValueA
FreeSid
CheckTokenMembership
RegOpenKeyW

user32

CallWindowProcA
InsertMenuItemA
LoadIconA
GetCapture
DestroyWindow
MessageBeep
GetWindow
IsIconic
GetSystemMetrics

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

efd0a9ca8a6f31204ee9956ef36717d9

Headers

File Characteristics

Imports

msvcrt

kernel32

shell32

ole32

comctl32

gdi32

oleaut32

advapi32

user32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 37KB - Virtual size: 63KB

.rsrc Size: 53KB - Virtual size: 52KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 37KB - Virtual size: 63KB

.rsrc
Size: 53KB - Virtual size: 52KB