168b964883c76e7b15bba0abded83506_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

168b964883c76e7b15bba0abded83506_JaffaCakes118
Size

84KB
MD5

168b964883c76e7b15bba0abded83506
SHA1

2f9dfc476cf89610c6ee821e1d151a1695427690
SHA256

f89a3125348abd357fc35b3ae014b1b4877a73bdf042ca002156411f484657b2
SHA512

681d6487fe141928e2d1a71ebc6f4f1ecae7d94fa4d09fc6757e4259bde437cda410be74020c83311a0619f1c234327ccda86744ba1d029f226174cfbb2c4a43
SSDEEP

1536:nu4j2yZxoISFrUzdwz9yu+D/0R48v7Bb40tC2i0c+jddW8Dx3vfDAoe:jvHoIYNsu+70RzBb40tC2iOzZe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
168b964883c76e7b15bba0abded83506_JaffaCakes118

Files

168b964883c76e7b15bba0abded83506_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1051816d688840c42f65b32cab50b861

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

fwrite
__getmainargs
__p__commode
__p__fmode
__setusermatherr
sqrt
_acmdln
_stricmp
__set_app_type
malloc
fprintf
_onexit
calloc
_initterm
_except_handler3
memset
exit
_adjust_fdiv
free
strlen
_exit

kernel32

LocalFree
RemoveDirectoryA
GetConsoleOutputCP
FreeLibrary
SetEnvironmentVariableA
GetCommandLineW
LCMapStringA
GetLastError
GetModuleHandleW
VirtualQuery
GetEnvironmentStrings
WriteFile
lstrlenA
GetFileType
ReadFile
ExpandEnvironmentStringsA
IsBadCodePtr
GetStartupInfoA

comctl32

ImageList_DragShowNolock
ImageList_SetImageCount
ImageList_SetOverlayImage
ImageList_GetIconSize
ImageList_Remove
ImageList_SetBkColor
ImageList_LoadImageW
ImageList_DrawEx
InitializeFlatSB
ImageList_GetImageCount

oleaut32

SysAllocStringLen
SafeArrayCreate
LoadTypeLib
SafeArrayRedim
SafeArrayPutElement
GetActiveObject
CreateErrorInfo
SysFreeString
VariantInit
SafeArrayGetUBound
SysStringByteLen
SysAllocStringByteLen
VariantCopy
SysStringLen

gdi32

GetDeviceCaps
OffsetRgn
StretchDIBits
ScaleWindowExtEx
CreateHatchBrush
CreateBitmap

advapi32

RegQueryValueA
RegSetValueExA
RegCreateKeyExA
CopySid
CryptHashData
CryptDestroyHash
FreeSid
RegEnumKeyExA
RegEnumValueW

user32

DrawIcon
EqualRect
CheckMenuItem
ScreenToClient
GetMenu
EndDialog
LoadCursorA
InsertMenuA
RegisterWindowMessageA

ole32

CoUninitialize
CreateBindCtx
CreateItemMoniker
CLSIDFromProgID
OleInitialize
OleGetClipboard
CoRegisterClassObject
IsEqualGUID
CoLoadLibrary
CoTaskMemFree
OleRun
OleUninitialize
CoInitializeSecurity
StringFromGUID2

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1051816d688840c42f65b32cab50b861

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

oleaut32

gdi32

advapi32

user32

ole32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 58KB - Virtual size: 58KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 58KB - Virtual size: 58KB

.rsrc
Size: 3KB - Virtual size: 2KB