8d6186658958e29ff84ac8e8d45c96cf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8d6186658958e29ff84ac8e8d45c96cf_JaffaCakes118
Size

347KB
MD5

8d6186658958e29ff84ac8e8d45c96cf
SHA1

0418a6f893eb8095cc5c2cdc702bd7c420739c00
SHA256

0b501e2cedad1838304551cb04498cfe2f47fb31ca7c0a4a05bd444a7f039158
SHA512

862c2b257386ad23f9a520e65a5595517294fa9f4425c94055f0db7a2714b7b000744beb170f630999a701128a8131632137bb0b81ba7052eddcd2a5c0a85f5a
SSDEEP

3072:c3X55K8ivf2WETl4QuNRLurVzwefoh5/nmXkQr5D0elEo81WZfZ4bIGDiIkya9gu:+we8/mzielEP1aZ4cGOI+gSS3rM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d6186658958e29ff84ac8e8d45c96cf_JaffaCakes118

Files

8d6186658958e29ff84ac8e8d45c96cf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

18e04a06eea024808be8462baf0a5317

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_SYSTEM

PDB Paths

5334g42g\\ehre\\eh#HENr.pdb

Imports

msvcrt

memset

setupapi

CM_Set_DevNode_Registry_PropertyW
SetupInitDefaultQueueCallback

netapi32

NetServerTransportAddEx

advapi32

RegFlushKey
QueryServiceStatusEx
SetThreadToken

winscard

SCardBeginTransaction

kernel32

FormatMessageW
GetModuleHandleW
GetConsoleHistoryInfo
GetFileSizeEx
GetCPInfo
GetLogicalDrives

user32

SetActiveWindow
GetWindowTextLengthW
SetCursor
SetWindowPlacement
UnhookWinEvent
SetWindowLongW
CallWindowProcA
IsIconic
ReleaseDC
GetMessageW
SetScrollPos
GetKeyboardLayout
UpdateWindow
CloseClipboard
MoveWindow
GetSubMenu
ShowWindow
DispatchMessageW
CheckMenuItem
GetAncestor
GetSystemMetrics
GetFocus
SendMessageW
PeekMessageW
GetDlgItemTextW
DrawTextExW
GetWindowLongW
ChildWindowFromPoint
TranslateAcceleratorW
DialogBoxParamW
MessageBoxW
SetFocus
GetDlgItem
CharUpperW
SetForegroundWindow
PostMessageW
EndDialog
LoadIconW
IsHungAppWindow
EndDeferWindowPos
IsDialogMessageW
WinHelpW
SetDlgItemTextW

msvfw32

DrawDibChangePalette

gdi32

PatBlt

lz32

LZInit
LZSeek

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crt2
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rdata0
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18e04a06eea024808be8462baf0a5317

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

setupapi

netapi32

advapi32

winscard

kernel32

user32

msvfw32

gdi32

lz32

Sections

.text Size: 98KB - Virtual size: 97KB

.crt2 Size: 4KB - Virtual size: 12KB

.data Size: 2KB - Virtual size: 1KB

.rdata0 Size: 240KB - Virtual size: 240KB

.rsrc Size: 1024B - Virtual size: 1000B

.text
Size: 98KB - Virtual size: 97KB

.crt2
Size: 4KB - Virtual size: 12KB

.data
Size: 2KB - Virtual size: 1KB

.rdata0
Size: 240KB - Virtual size: 240KB

.rsrc
Size: 1024B - Virtual size: 1000B