17fbc6e8f1bcebfd798ce8dc0c58316f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

17fbc6e8f1bcebfd798ce8dc0c58316f_JaffaCakes118
Size

105KB
MD5

17fbc6e8f1bcebfd798ce8dc0c58316f
SHA1

57be109ae6ed2c3f12a8e1be4ed3c56cfd1bd533
SHA256

ce02554f6c780b9264b6d01a94feb3cd508b306b788d68035e2a03b2e98b234b
SHA512

2260132f3d615ef523ec314ad2d83f159488907e1406e59748cfefb63865df28e520e1e845bbb03892a1b9d7b333d20c8aad70ebf202147e014d5967b7a131fc
SSDEEP

1536:C0y1xNr+yVMomfXHWvD7XWI0rwE3WsL8jfOc+7KxftWpLlWpqxhy/JqHVADQxy:CHrXm/a/YrwE3Wr27Kxl4kMxPHqd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17fbc6e8f1bcebfd798ce8dc0c58316f_JaffaCakes118

Files

17fbc6e8f1bcebfd798ce8dc0c58316f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

26259a82dab14a4571b3027246a3ec1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_strnicmp
_XcptFilter
_except_handler3
strncpy
strlen
fclose
free
getenv
sqrt
__p__fmode
fread
memset
_exit
_adjust_fdiv
_initterm
__p__commode
_cexit
__getmainargs
_controlfp
abort
fprintf
__dllonexit
realloc
atoi
__p___initenv
__set_app_type
__setusermatherr
calloc

comdlg32

GetOpenFileNameA

kernel32

LocalFileTimeToFileTime
GetTimeZoneInformation
VirtualQuery
SetThreadLocale
OutputDebugStringA
GetTickCount
SetHandleCount
GetSystemTime
GetPrivateProfileStringA
VirtualProtectEx
lstrcmpiW
DeleteFileW
InterlockedIncrement
GetNumberFormatA
FreeEnvironmentStringsA
InterlockedExchange
VirtualAlloc

user32

DispatchMessageA
GetClassInfoA
UnregisterClassA
UnhookWindowsHookEx
GetWindowRect
OpenClipboard
IsWindowEnabled
OffsetRect
IsWindowVisible
ReleaseDC
SetDlgItemTextA
SetWindowPlacement
RemovePropA

comctl32

ImageList_GetIcon
ImageList_Create
CreateStatusWindowA
ImageList_BeginDrag
ImageList_AddMasked
PropertySheetW
ImageList_ReplaceIcon
CreatePropertySheetPageA
ImageList_GetBkColor
ImageList_GetIconSize
ImageList_SetDragCursorImage
ImageList_Read
ImageList_DragShowNolock

advapi32

CryptHashData
CryptReleaseContext
AllocateAndInitializeSid
OpenServiceW
AdjustTokenPrivileges
RegEnumKeyExA
CryptCreateHash
RegDeleteValueA
CheckTokenMembership
RegOpenKeyExW
CryptDestroyHash
RegQueryValueExA
SetSecurityDescriptorOwner

ole32

CoReleaseMarshalData
OleSetMenuDescriptor
StgCreateDocfileOnILockBytes
OleGetClipboard
CoInitializeSecurity
OleFlushClipboard
CoGetInterfaceAndReleaseStream

gdi32

LPtoDP
GetTextCharsetInfo
CreateDIBSection
PlayMetaFile
EnumFontFamiliesExW
GetTextMetricsW
PlayMetaFileRecord
AddFontResourceA
GetROP2
GetNearestColor
GetTextExtentPoint32A
GetCurrentObject
DeleteMetaFile
EndDoc
GetTextExtentPoint32W

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26259a82dab14a4571b3027246a3ec1e

Headers

File Characteristics

Imports

msvcrt

comdlg32

kernel32

user32

comctl32

advapi32

ole32

gdi32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 9KB - Virtual size: 46KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 9KB - Virtual size: 46KB

.rsrc
Size: 24KB - Virtual size: 23KB