07bde19f8aaf75fe49cf53607cc7b4fc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07bde19f8aaf75fe49cf53607cc7b4fc_JaffaCakes118
Size

937KB
MD5

07bde19f8aaf75fe49cf53607cc7b4fc
SHA1

6341c7a2cc3689e7ff842568296579a41ea2a578
SHA256

9e76d3217a3caca7ee8a098c7a4a21a6c4341cc5655f7e89acca75f06b269716
SHA512

c9bc72018d3a1f9bbd640e39647e8e5677a2de7a27f9ec3d960723b2b398420666623e3881b62d8ed135f3b6310430081b85a4f58dc8c91aaf597c955bea6f01
SSDEEP

24576:8vOeeVpD454lSoyhlc1xB9CSfQFsERpAYB6A:82eeVpxelc1lCTFRNB6A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07bde19f8aaf75fe49cf53607cc7b4fc_JaffaCakes118

Files

07bde19f8aaf75fe49cf53607cc7b4fc_JaffaCakes118
.exe windows:1 windows x86 arch:x86

34fd19236968ed3a0ea45aabe8493c0b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ClipCursor
CreateIcon
DdeNameService
EndDialog
EqualRect
FillRect
FindWindowExA
GetKeyboardLayout
GetMessagePos
InvalidateRect
IsCharUpperA
IsWindow
IsZoomed
PostQuitMessage
SetCaretPos

kernel32

AllocConsole
BackupSeek
CancelIo
CopyFileA
CreateEventA
DeleteFileA
FoldStringA
GetCurrentDirectoryA
GetDiskFreeSpaceA
GetFileAttributesA
GetLastError
GetLogicalDrives
GetModuleHandleA
GetProcAddress
GetThreadTimes
GetTickCount
GetVolumeInformationA
HeapFree
IsBadStringPtrA
LoadLibraryA
LocalAlloc
MoveFileA
OpenFile
Sleep
TlsFree
VirtualAlloc
lstrcatA
lstrcpynA

advapi32

LsaEnumerateAccountsWithUserRight
LsaEnumeratePrivileges
LsaEnumerateTrustedDomains
RevertToSelf

gdi32

AnimatePalette
DeleteObject
EndDoc
FrameRgn
GetDeviceCaps
MoveToEx
PolylineTo
SetBkMode
SetTextColor
StartDocA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

34fd19236968ed3a0ea45aabe8493c0b

Headers

File Characteristics

Imports

user32

kernel32

advapi32

gdi32

Sections

.text Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.code Size: 512B - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.aspack Size: 4KB - Virtual size: 4KB

.adata Size: - Virtual size: 4KB

.text
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.code
Size: 512B - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.aspack
Size: 4KB - Virtual size: 4KB

.adata
Size: - Virtual size: 4KB