17c4c7821784e34332d4a1053306df0e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

17c4c7821784e34332d4a1053306df0e_JaffaCakes118
Size

149KB
MD5

17c4c7821784e34332d4a1053306df0e
SHA1

aa47d10947466af75fae5e9d7e463d8c0b317868
SHA256

d10670a02f33994f8f8ca4d868b423065f4130c1d33383e226ac99fa17227bc8
SHA512

a8ad9e7a3a9bd988de9d8166089356ccb29ebac6acfc7f428d8036b25aacbeaa7e29804c7c9e9784ca862aa6c52029a25725f26c879935dbbce29dfcc37c25ca
SSDEEP

3072:v75kdZI66iYiwC4Hyh0lSxcX/T8qPkd01nRMjFZEr:+ZI66i3hSSUxPkdknyjFZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17c4c7821784e34332d4a1053306df0e_JaffaCakes118

Files

17c4c7821784e34332d4a1053306df0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f9618d8264f65afe848d7114f1138474

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
GetStartupInfoA
CompareStringA
WideCharToMultiByte
GetCommandLineA
GetUserDefaultLCID
GetACP
GetModuleFileNameA
FileTimeToDosDateTime
lstrlenW
GetModuleHandleA
GetStdHandle
SetFileAttributesA

msvcrt

_XcptFilter
memcpy
puts
__set_app_type
_initterm
__getmainargs
abort
exit
__p__fmode
_adjust_fdiv
_setjmp3
__p__commode
isleadbyte
_acmdln
_except_handler3
__setusermatherr
strrchr
_dup2
_getch
log

user32

SetPropA
LoadIconA
PostMessageA
KillTimer
CallWindowProcA
GetScrollPos
GetPropA
GetCursorPos
FillRect

comctl32

CreatePropertySheetPageA
ImageList_Remove
ImageList_Destroy
DestroyPropertySheetPage
ImageList_DrawEx

ole32

StgCreateDocfileOnILockBytes
OleFlushClipboard
CoGetInterfaceAndReleaseStream
IIDFromString
CoTaskMemFree
CoRegisterMessageFilter
RevokeDragDrop
CoFreeUnusedLibraries
OleSetClipboard

shell32

SHGetDiskFreeSpaceExW
SHCreateDirectoryExW
SHAppBarMessage
ShellExecuteExW
SHGetFolderLocation
ExtractIconA
SHFileOperationA
FindExecutableW
SHBrowseForFolderW
Shell_NotifyIconA

gdi32

RectInRegion
CreateDCA
SetArcDirection
GetWindowExtEx
CreateSolidBrush
SetRectRgn

oleaut32

SafeArrayPutElement
SysFreeString
SafeArrayCreate
SetErrorInfo
CreateErrorInfo
GetErrorInfo
SysAllocStringLen
SafeArrayGetUBound

version

GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueW
VerInstallFileA

advapi32

SetSecurityDescriptorGroup
RegEnumKeyExA
RegEnumKeyExW
SetSecurityDescriptorOwner
RegSetValueExW
EqualSid
LookupPrivilegeValueW
RegQueryValueExW

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9618d8264f65afe848d7114f1138474

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

comctl32

ole32

shell32

gdi32

oleaut32

version

advapi32

Sections

.text Size: 63KB - Virtual size: 63KB

.data Size: 48KB - Virtual size: 48KB

.rsrc Size: 36KB - Virtual size: 36KB

.text
Size: 63KB - Virtual size: 63KB

.data
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 36KB - Virtual size: 36KB