2583aa165e5a9aa7b08e585fbba7b7a5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2583aa165e5a9aa7b08e585fbba7b7a5_JaffaCakes118
Size

111KB
MD5

2583aa165e5a9aa7b08e585fbba7b7a5
SHA1

6dfe1b305ad2e90ac23289dacd6daad7873cda78
SHA256

88ec4dbf791cadbe2ecc31757cdc67315035767bce904abff341227a3b1d2231
SHA512

64f57b5d3fdf045e4fd9ef4e425ea3f91c36181edf8b84be3f07023f07782b85793b2a8eccb548d0eb779bef63325f9bace3cf2bfc096c5ca3dadb67035ef93c
SSDEEP

3072:P0RQTsCUAPZ/ZlCUGyxDmBubf7KgXQrslF:OQACUAPZv61+fQuF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2583aa165e5a9aa7b08e585fbba7b7a5_JaffaCakes118

Files

2583aa165e5a9aa7b08e585fbba7b7a5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b6ec5cfc76b63734559939aae27a73e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

fread
_except_handler3
malloc
fopen
_initterm
calloc
_onexit
strlen
memset
__p__fmode
_exit
realloc
free
remove
fwrite
fclose
__set_app_type
_errno
_XcptFilter
sprintf
strcpy
__setusermatherr
printf
__getmainargs
_adjust_fdiv
__p__commode
strcmp
fseek
_acmdln
exit

kernel32

LoadLibraryA
IsValidCodePage
GetModuleHandleW
GetConsoleOutputCP
FreeEnvironmentStringsW
WideCharToMultiByte
TerminateProcess
GetStringTypeA
OutputDebugStringA
VirtualAlloc
GetProcAddress
RemoveDirectoryA
GetLocaleInfoW

user32

GetIconInfo
SetScrollPos
OemToCharA
EnableMenuItem
WindowFromPoint
DestroyIcon
GetMenuItemID
SystemParametersInfoA
CharNextA
LoadBitmapA
UpdateWindow
GetClassNameA
RegisterClassA
ClientToScreen

oleaut32

SafeArrayPutElement
GetErrorInfo
SysStringLen
VariantCopyInd
SysAllocStringByteLen
SafeArrayPtrOfIndex
VariantInit
GetActiveObject
SafeArrayGetUBound
LoadTypeLib
SysReAllocStringLen
SysFreeString

comctl32

ImageList_Create
ImageList_Add
ImageList_GetIconSize
ImageList_SetOverlayImage
ImageList_DrawEx
CreateToolbarEx

ole32

IsAccelerator
OleSetMenuDescriptor
OleIsCurrentClipboard
OleSetClipboard
OleFlushClipboard
CoInitialize
StringFromCLSID
CreateILockBytesOnHGlobal
GetRunningObjectTable
CoLoadLibrary

shell32

SHAddToRecentDocs
DragQueryFile
SHBindToParent
CommandLineToArgvW
SHBrowseForFolder
DoEnvironmentSubstW
ShellExecuteExW
FindExecutableW
SHGetPathFromIDList
ExtractIconExA
SHCreateDirectoryExA
Shell_NotifyIconA
Shell_NotifyIconW

advapi32

ControlService
RegDeleteValueW
RegCreateKeyExA
RegQueryInfoKeyW
OpenProcessToken
RegOpenKeyExW
RegQueryValueA
RegEnumValueW
RegOpenKeyW

gdi32

GetBitmapBits
EndPath
CreateSolidBrush
GetCharacterPlacementA
SetPixel
CreateFontA
GetDeviceCaps
SetTextColor
SetWindowOrgEx
CreatePalette
GetStretchBltMode

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6ec5cfc76b63734559939aae27a73e3

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

oleaut32

comctl32

ole32

shell32

advapi32

gdi32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 46KB - Virtual size: 60KB

.rsrc Size: 58KB - Virtual size: 58KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 46KB - Virtual size: 60KB

.rsrc
Size: 58KB - Virtual size: 58KB