3870ac533e789ed9f57c35994f6969b9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3870ac533e789ed9f57c35994f6969b9_JaffaCakes118
Size

275KB
MD5

3870ac533e789ed9f57c35994f6969b9
SHA1

af77ccf75a8d6d570b42dea23824120a534e4a6b
SHA256

c0997041f7686566d8649837be51eb3260b3750d019b19d2c17d4e4b9f0865d1
SHA512

3a8d9fe5f6028f669aa92f84b3cdd7b898d8f874620c15709833539f05c248fdfde35c525723ea97926ca002c18cfc457ca367fbe7a74b6ea32bbebecdd86020
SSDEEP

6144:AG+nyrCm06nM9N3QoLpKpTrf3xYYKrgu00jj/ZYMr:AG+yrCm5AQqKp/qYKrgu00XFr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3870ac533e789ed9f57c35994f6969b9_JaffaCakes118

Files

3870ac533e789ed9f57c35994f6969b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1fd9f26a92ff1c917490e27487805455

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerFindFileA
GetFileVersionInfoSizeA
VerInstallFileA
GetFileVersionInfoA
VerFindFileA
VerQueryValueA
VerFindFileA
VerInstallFileA
VerFindFileA
GetFileVersionInfoSizeA

gdi32

LineTo
GetDCOrgEx
SetBkColor
CreateBitmap
SelectPalette
CreateFontIndirectA
SetPixel
GetBitmapBits
BitBlt
SetBkColor
GetPaletteEntries
CreatePenIndirect
SetTextColor
GetDIBColorTable
SelectPalette
CreateBrushIndirect
BitBlt
GetObjectA
CreateBitmap

msvcrt

sqrt
wcstol
fabs
wcsncmp
memmove
atan
srand
cos
tolower
log10

comdlg32

GetOpenFileNameA

shell32

SHGetFolderPathA
SHGetDiskFreeSpaceA
SHGetFileInfoA
SHFileOperationA
SHGetSpecialFolderLocation

comctl32

ImageList_Add
ImageList_GetBkColor
ImageList_Read
ImageList_Write
ImageList_DragShowNolock
ImageList_Draw
ImageList_GetBkColor
ImageList_Remove
ImageList_Destroy
ImageList_DrawEx

kernel32

lstrcatA
lstrlenA
LoadLibraryA
ExitProcess
GetProcAddress
IsBadReadPtr
VirtualAlloc
GetModuleHandleA
ExitThread
GetACP
GetLastError
GetCommandLineW
LoadLibraryExA
GetVersionExA

advapi32

RegEnumKeyExA
RegQueryValueExA

oleaut32

SysAllocStringLen
SafeArrayPtrOfIndex
OleLoadPicture
VariantCopyInd
SafeArrayUnaccessData

ole32

CoCreateGuid
CLSIDFromString
OleRun
CoGetObjectContext
CoCreateInstanceEx
CLSIDFromProgID

shlwapi

SHDeleteKeyA
SHEnumValueA
SHStrDupA
SHQueryInfoKeyA
SHDeleteValueA
PathFileExistsA
PathIsDirectoryA
SHGetValueA
PathGetCharTypeA
PathIsContentTypeA

user32

ShowOwnedPopups
IsZoomed
DefFrameProcA

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data9
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 1024B - Virtual size: 681B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data7
Size: 223KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data8
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fd9f26a92ff1c917490e27487805455

Headers

File Characteristics

Imports

version

gdi32

msvcrt

comdlg32

shell32

comctl32

kernel32

advapi32

oleaut32

ole32

shlwapi

user32

Sections

.text Size: 42KB - Virtual size: 41KB

.data Size: 1024B - Virtual size: 928B

.data9 Size: 1KB - Virtual size: 1KB

.data3 Size: 1024B - Virtual size: 681B

.data7 Size: 223KB - Virtual size: 223KB

.data8 Size: 4KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 996B

.text
Size: 42KB - Virtual size: 41KB

.data
Size: 1024B - Virtual size: 928B

.data9
Size: 1KB - Virtual size: 1KB

.data3
Size: 1024B - Virtual size: 681B

.data7
Size: 223KB - Virtual size: 223KB

.data8
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 996B