fba4324961b3a74b23a3c76411e986c2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fba4324961b3a74b23a3c76411e986c2_JaffaCakes118
Size

434KB
MD5

fba4324961b3a74b23a3c76411e986c2
SHA1

6bb1be527080687b81a0619015bf3bc95504f612
SHA256

9e9ec272cd6ac3ece1f832be700e151c7df6001a2fe7d78008cd15568c1a5628
SHA512

62739b20df924b400ccca332fa1a447f87e3db27888d1bf484eb1b620f23cbc4e5dd5704ea72076bace55c44c4d7742810177badec1999e2b08cf5b07a550cf2
SSDEEP

6144:fVMa6CPJbQqGKzR4FtAuwNfuQVo8vAmGGwCPL1PF6BtExetqljmwH93YWCDN3f1O:fmaxSW96LYo8mSPWspljFRYxlncIy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fba4324961b3a74b23a3c76411e986c2_JaffaCakes118

Files

fba4324961b3a74b23a3c76411e986c2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b19391f696f547b84a25b9b8234b1bea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord823
ord825

advapi32

RegQueryValueExA
RegisterEventSourceA
ReportEventA

ole32

CoCreateInstance

oleaut32

SysAllocString
VariantClear
VariantInit
SystemTimeToVariantTime
SysFreeString

user32

GetDlgItem
wsprintfW
GetWindowLongW
LoadStringW
wsprintfA
EndDialog
GetFocus
GetWindowRect
LoadStringA
SendMessageW
SetWindowLongW
DialogBoxParamW
UpdateWindow

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.upx
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.upack
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aspack
Size: 406KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.usa
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b19391f696f547b84a25b9b8234b1bea

Headers

DLL Characteristics

File Characteristics

Imports

mfc42u

advapi32

ole32

oleaut32

user32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 4KB

.upx Size: 1024B - Virtual size: 4KB

.upack Size: 1024B - Virtual size: 4KB

.tls Size: 1024B - Virtual size: 4KB

.aspack Size: 406KB - Virtual size: 408KB

.usa Size: 1024B - Virtual size: 4KB

.rsrc Size: 11KB - Virtual size: 36KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 4KB

.upx
Size: 1024B - Virtual size: 4KB

.upack
Size: 1024B - Virtual size: 4KB

.tls
Size: 1024B - Virtual size: 4KB

.aspack
Size: 406KB - Virtual size: 408KB

.usa
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 11KB - Virtual size: 36KB