0fd768b362691c73f6e6c4c8737dbedb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0fd768b362691c73f6e6c4c8737dbedb_JaffaCakes118
Size

116KB
MD5

0fd768b362691c73f6e6c4c8737dbedb
SHA1

1f7ec245bac573c263f33de57ee0a9fd4a046946
SHA256

670370c4e117123a800370e4cb0e7c73182f8108bf69f066b8918c2fb957af55
SHA512

e4e913c803de914370b8e117f60a09e7f2f55f7b8c12d4ee4af0b9984dd1708779b9c034ac93d353b77667b8fac4bee47cf9c589754a71fe8fa5df76e3d5b8e3
SSDEEP

3072:LM8JQZydXTGlNZw3vrNr8hMI+WnwuY3RD5Bs:LMOQZCQZwDNwD3MRDA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fd768b362691c73f6e6c4c8737dbedb_JaffaCakes118

Files

0fd768b362691c73f6e6c4c8737dbedb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d403613ce748086d1df9f242c5e009f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
Module32Next
ExitProcess
OpenEventW
SetEndOfFile
GetCurrentDirectoryA
LeaveCriticalSection
LCMapStringA
GetSystemTimeAsFileTime
DeviceIoControl
OutputDebugStringA
SuspendThread
GetCommandLineA
OpenProcess

advapi32

RegQueryValueExW
LookupAccountSidW
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyW
AllocateAndInitializeSid
AdjustTokenPrivileges
CreateServiceA
RegEnumKeyExW
CloseServiceHandle
StartServiceW
FreeSid
DeleteService
InitializeSecurityDescriptor

msvcrt

_read
_onexit
malloc
strchr
wcsncat
fputs
_initterm
isxdigit
_strnicmp
_wtoi
?terminate@@YAXXZ
__set_app_type
__p__fmode
??1type_info@@UAE@XZ
exit
_wmakepath
_vsnprintf
gmtime
calloc
_errno
memmove
towlower
__unDName
fprintf
_itoa
_dstbias
isalnum

gdi32

ExtTextOutA
CreatePen
DeleteObject
CreateSolidBrush
GetEnhMetaFilePaletteEntries
EndDoc
CreateICW
Arc
RealizePalette
CreatePalette
SetDIBits
FillRgn
CreateBitmapIndirect
CreateBrushIndirect
BeginPath
TextOutW
GetDIBits
SetStretchBltMode

version

GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoA

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kdata
Size: 5KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d403613ce748086d1df9f242c5e009f2

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

gdi32

version

Sections

.text Size: 83KB - Virtual size: 83KB

.data Size: 2KB - Virtual size: 2KB

.idata Size: 8KB - Virtual size: 77KB

.kdata Size: 5KB - Virtual size: 36KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 83KB - Virtual size: 83KB

.data
Size: 2KB - Virtual size: 2KB

.idata
Size: 8KB - Virtual size: 77KB

.kdata
Size: 5KB - Virtual size: 36KB

.rsrc
Size: 17KB - Virtual size: 17KB