9230cacbc92a9229aaf0c7bcbe709d4b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9230cacbc92a9229aaf0c7bcbe709d4b_JaffaCakes118
Size

118KB
MD5

9230cacbc92a9229aaf0c7bcbe709d4b
SHA1

094828f44dc3f807adfa8840d22f92a3ff86e2ff
SHA256

655371c02de67c6517cde160e17a2189ecb8c5017453c341e512a9bc4fe6aa80
SHA512

cff140781eb0c6b0cb92665f7a065046caccb180730e9760aeaf6d4bd5ca4ea026566821579d6ebf2d0c6196aac347363e7180d58c867cc6f39a13f202df5bbe
SSDEEP

1536:8RzPuTmdK//re7r150X8jUtZhFCBxN3fCK/Xhu2Ric3vd2:8t6mdKXr2B5G8j1CK/7RiOd2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9230cacbc92a9229aaf0c7bcbe709d4b_JaffaCakes118

Files

9230cacbc92a9229aaf0c7bcbe709d4b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0516938f871310d8e051d6a5b6c868e9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

rtjheWRJKeyWY@#yhJtrjER.pdb

Imports

shell32

SHEnumerateUnreadMailAccountsW

clusapi

GetClusterResourceNetworkName

msvcrt

iswdigit

rpcrt4

RpcMgmtEnableIdleCleanup
RpcMgmtStopServerListening

shlwapi

UrlGetLocationW

kernel32

GetThreadId
SetThreadUILanguage
FlsGetValue
FlsFree
DebugBreak
GetThreadLocale
PurgeComm
GetPriorityClass
SetProcessWorkingSetSizeEx
lstrlenA
FillConsoleOutputCharacterA
SetConsoleOutputCP
GetProcessShutdownParameters
SetDefaultCommConfigA
ReadConsoleW

gdi32

SetViewportOrgEx
FrameRgn
DeleteDC
StrokePath
GetTextCharsetInfo
SetPixelV
CreateDIBitmap
GetCharABCWidthsW
GetCharWidthA
StartDocA
RemoveFontResourceA

user32

DrawMenuBar
DrawCaption
GetUpdateRect
DrawStateW

advapi32

GetSecurityDescriptorLength

setupapi

SetupGetLineTextW
SetupDiSetDeviceRegistryPropertyA
SetupDiEnumDriverInfoA

mprapi

MprConfigInterfaceTransportAdd
MprAdminMIBEntryGet

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0516938f871310d8e051d6a5b6c868e9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shell32

clusapi

msvcrt

rpcrt4

shlwapi

kernel32

gdi32

user32

advapi32

setupapi

mprapi

Sections

.text Size: 112KB - Virtual size: 112KB

.data Size: 1024B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 112KB - Virtual size: 112KB

.data
Size: 1024B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 1KB - Virtual size: 1KB