f8e48cbb087ea04e1d677ef517bcec46_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f8e48cbb087ea04e1d677ef517bcec46_JaffaCakes118
Size

68KB
MD5

f8e48cbb087ea04e1d677ef517bcec46
SHA1

a60b61f1ccc1f38cef8016931e4593f5723fbffd
SHA256

162faf104c39d64dc4acf29f6b54940a2919ce072df8926f06fbae0dbedbadb7
SHA512

1b30be7a153ca6a61ed1bbbce68bbab49e5b0c83699e7a29a0cde62be1a33b6eee63826add6f844a9064a0d3cf5f1f21d9a4b2fd9e75a833a19af11b3cb737a8
SSDEEP

1536:JgL4GIGP9crlLyumfnZkRKpAerTJE18L4gprZo73kVscvS0Pxe5mMLxg5DH2x:JoDumfneAvJg0Zo4B/s5vLxgJ2x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8e48cbb087ea04e1d677ef517bcec46_JaffaCakes118

Files

f8e48cbb087ea04e1d677ef517bcec46_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5cfdfd4f1df7bc2209e17c7d1e93583d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefWindowProcA
DestroyWindow
CharNextA
SetWindowLongA
RegisterClassA
SetForegroundWindow
LoadStringW
UnregisterClassA
UpdateWindow
EndPaint
BeginPaint
LoadImageA
GetSystemMetrics
GetWindowLongA
CreateWindowExA
EnumDisplayMonitors
LoadBitmapA

advapi32

RegDeleteValueW
CryptCreateHash
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExW
CryptReleaseContext
RegOpenKeyExW
RegDeleteKeyW
CryptVerifySignatureA
CryptDestroyHash
RegQueryValueExA
CryptImportKey
RegCloseKey
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegDeleteValueA
RegQueryInfoKeyW
RegCreateKeyExA
CryptDestroyKey
RegQueryValueExW
RegEnumValueW
CryptHashData
CryptAcquireContextA
RegEnumKeyExW

gdi32

SetStretchBltMode
TextOutW
DeleteDC
SelectPalette
CreateCompatibleDC
SetBkMode
GetTextExtentPoint32A
CreateFontIndirectA
GetDeviceCaps
DeleteObject
GetObjectA
BitBlt
CreateDIBitmap
RealizePalette
CreatePalette
SetTextColor
SelectObject

kernel32

CreateFileMappingA
GetSystemDefaultLCID
GetTickCount
GetThreadLocale
FindResourceExA
EnterCriticalSection
GetLocaleInfoA
LoadLibraryA
VirtualAlloc
GetVersion
LoadLibraryExW
ReadFile
GetProcessHeap
CreateProcessA
GetModuleHandleA
AddAtomW
DeleteAtom
GetEnvironmentVariableA
GetProcAddress
TerminateProcess
LockResource
GetLastError
SetEvent
DuplicateHandle

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5cfdfd4f1df7bc2209e17c7d1e93583d

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

gdi32

kernel32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 17KB - Virtual size: 17KB

.rsrc Size: 1KB - Virtual size: 13KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 1KB - Virtual size: 13KB