Static task: static1
Behavioral task: behavioral1
Sample: 40e24bffbeb155f168a01bc1e0e73ec9_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 40e24bffbeb155f168a01bc1e0e73ec9_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 40e24bffbeb155f168a01bc1e0e73ec9_JaffaCakes118
Size: 86KB
MD5: 40e24bffbeb155f168a01bc1e0e73ec9
SHA1: c8e587796cb4ae03be93aa6d8b23bb381ad5b344
SHA256: bc10a2c91b85c0fb66b0dae1c5e56dad67b99a55540d305b1d1ca35ebf346ca7
SHA512: c90af20b16cd326833109d4fe7bef6ed291d067bd5c4dbc7019e1932e4b2d56f9da3772be148fb134a4f683fe252fd4382d059a7ac0f4bcfe2fdd6ff97e35845
SSDEEP: 1536:77ICvH26z10KwRysdctkTD+OtXNNAZAhVysWM98V/cxgY+L1CAs:77ICRzCKwoKDvnmZyQJxV/cxeL1CL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 40e24bffbeb155f168a01bc1e0e73ec9_JaffaCakes118
Files
40e24bffbeb155f168a01bc1e0e73ec9_JaffaCakes118.exe windows:4 windows x86 arch:x86
1c1908ebf8079128485eef79ba71bcf8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
UnhookWindowsHookEx
SetWindowPos
SetWindowTextA
EnableMenuItem
GetSysColorBrush
EqualRect
FrameRect
PostQuitMessage
EnumWindows
GetScrollPos
GetSysColor
GetSubMenu
GetMessageA
kernel32
GetTimeZoneInformation
GetTempPathA
GetTickCount
QueryPerformanceCounter
InterlockedExchange
FileTimeToSystemTime
VirtualAllocEx
GetOEMCP
GetThreadLocale
GetSystemTime
GetStartupInfoA
GetFileAttributesA
ExitProcess
RtlUnwind
GetCurrentProcessId
SetUnhandledExceptionFilter
gdi32
DPtoLP
ExcludeClipRect
SelectClipPath
CreateICW
CreateCompatibleBitmap
FillRgn
GetMapMode
CopyEnhMetaFileA
SetViewportExtEx
ole32
CoRevokeClassObject
CoInitializeSecurity
OleRun
StgOpenStorage
CoCreateInstance
DoDragDrop
CoTaskMemRealloc
CoInitialize
StringFromGUID2
advapi32
AdjustTokenPrivileges
CryptHashData
RegQueryValueExW
GetSecurityDescriptorDacl
RegCreateKeyExW
RegCreateKeyA
FreeSid
CheckTokenMembership
GetUserNameA
QueryServiceStatus
msvcrt
_fdopen
_flsbuf
__getmainargs
puts
_strdup
_lock
signal
raise
strcspn
fprintf
strncpy
__setusermatherr
_CIpow
__initenv
_mbscmp
iswspace
strlen
fflush
comctl32
ImageList_DragEnter
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_Destroy
ImageList_Write
ImageList_GetBkColor
ImageList_DrawEx
InitCommonControls
ImageList_LoadImageW
CreatePropertySheetPageA
ImageList_LoadImageA
ImageList_ReplaceIcon
ImageList_GetIcon
shell32
DragQueryFileW
SHBrowseForFolderA
ShellExecuteW
ExtractIconW
DragQueryFileA
DragAcceptFiles
ShellExecuteEx
ExtractIconExW
CommandLineToArgvW
SHGetPathFromIDList
DoEnvironmentSubstW
oleaut32
SafeArrayGetUBound
SafeArrayPutElement
SafeArrayUnaccessData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayPtrOfIndex
SysReAllocStringLen
Sections
.text Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ