6804b9cc85f6e8a521aa44f7fddb3d2b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6804b9cc85f6e8a521aa44f7fddb3d2b_JaffaCakes118
Size

18KB
MD5

6804b9cc85f6e8a521aa44f7fddb3d2b
SHA1

ad1b72c003bcba5ba15bbe687c120045f7bb9486
SHA256

0464fcf054ff3ded7c4891fd8a59009eac3d438c8f62677350d9bf6210d31e55
SHA512

fd184d1f85cd18210ea390028839658abe6095a15f95ee87589b8c4e98d7b90e72e6e98b0f86a732d6187279c06e171b38a39ae057ac9d65d31a97ac4acae2b7
SSDEEP

384:8rwipIbHlQDp0e/3Awu+uWh6tsQofMyzjEcrhZZ2DsrI7vvxlLLWMmtW:8rCHlQDpt3Aw1uWh6tsgyz9tzrI7Dc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6804b9cc85f6e8a521aa44f7fddb3d2b_JaffaCakes118

Files

6804b9cc85f6e8a521aa44f7fddb3d2b_JaffaCakes118
.exe windows:6 windows x86 arch:x86

c87b71118b8652cd02563c469321a460

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_APPCONTAINER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

skypebackgroundtasks

SkypeBackgroundTaskSetSkyLibLoader

api-ms-win-eventing-classicprovider-l1-1-0

TraceMessage

api-ms-win-eventing-provider-l1-1-0

EventRegister

api-ms-win-core-libraryloader-l2-1-0

LoadPackagedLibrary

api-ms-win-core-errorhandling-l1-1-1

GetLastError

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress

api-ms-win-core-synch-l1-2-0

InitOnceExecuteOnce

api-ms-win-core-errorhandling-l1-1-3

RaiseFailFastException

api-ms-win-core-winrt-string-l1-1-0

WindowsDeleteString

api-ms-win-core-winrt-l1-1-0

RoInitialize

api-ms-win-core-winrt-error-l1-1-1

RoOriginateError

api-ms-win-core-com-l1-1-1

CoTaskMemFree

vccorlib120_app

??0Object@Platform@@Q$AAA@XZ

msvcp120_app

?_Xbad_alloc@std@@YAXXZ

msvcr120_app

_lock

api-ms-win-core-util-l1-1-0

DecodePointer

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-2

GetCurrentThreadId

api-ms-win-core-sysinfo-l1-2-1

GetTickCount64

Sections

.MPRESS1
Size: 12KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c87b71118b8652cd02563c469321a460

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

skypebackgroundtasks

api-ms-win-eventing-classicprovider-l1-1-0

api-ms-win-eventing-provider-l1-1-0

api-ms-win-core-libraryloader-l2-1-0

api-ms-win-core-errorhandling-l1-1-1

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-errorhandling-l1-1-3

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-winrt-l1-1-0

api-ms-win-core-winrt-error-l1-1-1

api-ms-win-core-com-l1-1-1

vccorlib120_app

msvcp120_app

msvcr120_app

api-ms-win-core-util-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-2

api-ms-win-core-sysinfo-l1-2-1

Sections

.MPRESS1 Size: 12KB - Virtual size: 52KB

.MPRESS2 Size: 4KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 888B

.MPRESS1
Size: 12KB - Virtual size: 52KB

.MPRESS2
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 888B