7fcb9ffdd001ffccdd937dca935338d8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7fcb9ffdd001ffccdd937dca935338d8_JaffaCakes118
Size

176KB
MD5

7fcb9ffdd001ffccdd937dca935338d8
SHA1

302187712aab111413f1157b78d7deacc3908737
SHA256

f6a4d626f90bba7ad895dd4e267c2b7f0d28ff5fc1673342909c99527f3d338f
SHA512

b2096d85349b6cfcb352d59c530ae75bd1f21f2f5a6e9ec9ef2869a6c21d17323bb818e2b7c320ac9741521b550b9c34fa461469b79aaeee8c7707f6e503210e
SSDEEP

1536:De7SsgtW6Y38SqK/6k6EQ/qeS4742O1rsC2Ewky4iyTFObu2+Go3sy2V9+X4i9:DH83TikYjzwsC2E/tiyT+N+Ggh2fDi9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7fcb9ffdd001ffccdd937dca935338d8_JaffaCakes118

Files

7fcb9ffdd001ffccdd937dca935338d8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ef527752dac697a96297aeec14a8401c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

sNQ.pdb

Imports

rpcrt4

RpcBindingInqAuthInfoExW

user32

EnableWindow
ChildWindowFromPoint
GetComboBoxInfo
SetWindowPos
TranslateMessage
GetLastInputInfo
GetSysColor
MapDialogRect
AddClipboardFormatListener

kernel32

AllocConsole
GetSystemInfo
IsProcessorFeaturePresent
TerminateJobObject
AllocateUserPhysicalPagesNuma
SetConsoleOutputCP
GetConsoleProcessList
GetThreadPriority
GetSystemDefaultLCID
GetProcessIoCounters
GetCommandLineA

ole32

CoFreeLibrary
MkParseDisplayName
CoRevokeMallocSpy

msvcrt

iswalpha

gdi32

GetTextCharsetInfo
OffsetRgn
ResizePalette
SelectClipRgn
PtVisible

shell32

SHFormatDrive

advapi32

RegOverridePredefKey
RegDisableReflectionKey
ImpersonateAnonymousToken

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CONST
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Data
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef527752dac697a96297aeec14a8401c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

rpcrt4

user32

kernel32

ole32

msvcrt

gdi32

shell32

advapi32

Sections

.text Size: 12KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 7KB

DATA Size: 40KB - Virtual size: 38KB

CONST Size: 28KB - Virtual size: 25KB

Data Size: 60KB - Virtual size: 59KB

.rsrc Size: 20KB - Virtual size: 16KB

.reloc Size: 4KB - Virtual size: 312B

.text
Size: 12KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 7KB

DATA
Size: 40KB - Virtual size: 38KB

CONST
Size: 28KB - Virtual size: 25KB

Data
Size: 60KB - Virtual size: 59KB

.rsrc
Size: 20KB - Virtual size: 16KB

.reloc
Size: 4KB - Virtual size: 312B