0adae282d2c13a80d7f801750487cde7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0adae282d2c13a80d7f801750487cde7_JaffaCakes118
Size

324KB
MD5

0adae282d2c13a80d7f801750487cde7
SHA1

2a46644e8e4eaba849d72c893a8738d7d95de37a
SHA256

d11379bffe9a4f5f6254ac752be72574968679f260d5ada52f2f982f1ed1fc2a
SHA512

9f241f08a5c1bd885c62ecbd52053da001c970030523511aeed5240ebd193908135f86b5a0c22049cc4da792af898dc5c3af3310fea5c364e5d4303bb752ccdd
SSDEEP

6144:1nMmSovfmcitAlKS+40MzQTbxQy8tfqNnJ6R6vlvemXJcOQaajsCNLvbl:5MmyciGlKS+40bP6ywcnIRqlp69aS9T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0adae282d2c13a80d7f801750487cde7_JaffaCakes118

Files

0adae282d2c13a80d7f801750487cde7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

70e64b1d851d7d3ffc24b5c67a10b377

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextW

advapi32

RegCreateKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegSetValueExW
RegDeleteKeyW
RegCloseKey

oleaut32

VariantClear

ntdll

RtlAdjustPrivilege
NtAllocateVirtualMemory
RtlAddAccessAllowedAceEx

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

rpcrt4

RpcStringFreeW

msvcrt

realloc
wcsncpy
malloc
_except_handler3
_purecall
_initterm
wcscpy
__CxxFrameHandler
wcslen
wcsncat
free
_adjust_fdiv

kernel32

GetStartupInfoA
HeapDestroy
lstrcmpiW
LoadLibraryExW
DeleteCriticalSection
lstrlenA
EnterCriticalSection
MultiByteToWideChar
lstrcatW
InterlockedIncrement
lstrcpyW
InterlockedDecrement
GetACP
SizeofResource
GetModuleFileNameW
lstrcpynW
FindResourceW
InitializeCriticalSection
FreeLibrary
DisableThreadLibraryCalls
LoadResource
lstrlenW

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 298KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

70e64b1d851d7d3ffc24b5c67a10b377

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

oleaut32

ntdll

ole32

rpcrt4

msvcrt

kernel32

Sections

.text Size: 9KB - Virtual size: 8KB

.rsrc Size: 12KB - Virtual size: 11KB

.data Size: 3KB - Virtual size: 1.4MB

.rdata Size: 298KB - Virtual size: 298KB

.tls Size: 512B - Virtual size: 4KB

.text
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 12KB - Virtual size: 11KB

.data
Size: 3KB - Virtual size: 1.4MB

.rdata
Size: 298KB - Virtual size: 298KB

.tls
Size: 512B - Virtual size: 4KB