168478ad2450bc5b5cda0dc328b8fc85_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

168478ad2450bc5b5cda0dc328b8fc85_JaffaCakes118
Size

105KB
MD5

168478ad2450bc5b5cda0dc328b8fc85
SHA1

89b5347277052bf87631219af72017587bb50408
SHA256

b42c652675bcd02d3cb49028635344f723647e4f78a636224423be4349dafb71
SHA512

66300923cc590e42426b8146fa6f96e0cf9f3de58f2c889e3746a43e776efc27a6f7869ff7c93e22772bb8e80af789526767d7e4adb0b96c04d0da35d44ba8a6
SSDEEP

1536:8fBGlTbxRsc0zstqd/0fUbmUvI8sJX+Oe249T+g2T+1uIkn3zMF1bL8B13uE6Oc/:cwlnI/MqTvI1X+OeTU+1QzMvb4IE0q+N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
168478ad2450bc5b5cda0dc328b8fc85_JaffaCakes118

Files

168478ad2450bc5b5cda0dc328b8fc85_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7ddd4366d43b46749b9ccbd8c75f65f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
SetDlgItemTextA
GetSystemMenu
GetMessageA
PostMessageA
SetWindowsHookExA
LoadBitmapA
WaitMessage
GetCursorPos
GetWindowRect
DestroyCursor
LoadStringA
GetMenu
WinHelpA
GetMenuState
GetSysColor
DialogBoxParamA
GetLastActivePopup
SystemParametersInfoA
GetClassInfoA

msvcrt

_acmdln
sqrt
fflush
free
__setusermatherr
fopen
abort
_exit
sprintf
_XcptFilter
_adjust_fdiv
_write
__getmainargs
strrchr
__p__commode
calloc
_initterm
_except_handler3
malloc
__set_app_type
strlen
_snprintf
realloc
__p__fmode

comdlg32

GetOpenFileNameA

kernel32

SetHandleCount
GlobalHandle
RaiseException
GetStartupInfoA
GetNumberFormatA
FileTimeToLocalFileTime
ExitProcess
IsDBCSLeadByte
SetFileAttributesA
GetStringTypeExA
SetFileTime
GetLocaleInfoA
GetCurrentDirectoryA
GetUserDefaultLCID

comctl32

ImageList_GetIcon
ImageList_Remove
InitCommonControlsEx
ImageList_GetImageInfo
ImageList_DragEnter
ImageList_Draw
ImageList_SetOverlayImage
CreateStatusWindowA
CreatePropertySheetPageA
ImageList_Add

ole32

CoRevokeClassObject
RevokeDragDrop
OleIsCurrentClipboard
CoInitializeSecurity
StgCreateDocfileOnILockBytes
ProgIDFromCLSID
CoRegisterClassObject
OleUninitialize

advapi32

CryptCreateHash
FreeSid
OpenServiceW
RegQueryInfoKeyW
RegSetValueExW
CloseServiceHandle
GetLengthSid
OpenProcessToken
RegCreateKeyA
RegQueryInfoKeyA

gdi32

RectInRegion
StartPage
GetNearestColor
GetTextColor
SetMapperFlags
GetTextFaceW
GetNearestPaletteIndex
CreateCompatibleBitmap
DeleteObject

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ddd4366d43b46749b9ccbd8c75f65f1

Headers

File Characteristics

Imports

user32

msvcrt

comdlg32

kernel32

comctl32

ole32

advapi32

gdi32

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 9KB - Virtual size: 47KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 9KB - Virtual size: 47KB

.rsrc
Size: 17KB - Virtual size: 16KB