0def082f6f971fe067bc3073c852b189_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0def082f6f971fe067bc3073c852b189_JaffaCakes118
Size

70KB
MD5

0def082f6f971fe067bc3073c852b189
SHA1

208e2523344bf8778e4836e028c97f61cc0c9f0d
SHA256

95029e2950fa1f195144cafd73f84da6d32ceae9c9a42d3a0ab1e55a02bedc78
SHA512

72d7891395aca505e4ee04b24c4ad093d3465e0e08a19c6242307715eca53a88722dbe0634532f84332d451b5b063abd99a94a33eb9990b7ee4babe35f51aee7
SSDEEP

1536:sLFwUvwL9RupSkd29nSe+L6ZtTqI1FgRddkI5:s2//QFdKSBCt71FgRdd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0def082f6f971fe067bc3073c852b189_JaffaCakes118

Files

0def082f6f971fe067bc3073c852b189_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5a6f2116e3e5421eadb0dd0354e0b8b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__fmode
_c_exit
_exit
_XcptFilter
_cexit
exit
__initenv
_except_handler3
_controlfp
__set_app_type
toupper
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyW
RegSetValueExW

kernel32

FormatMessageW
GetModuleHandleA
GetDiskFreeSpaceW
SetEvent
CreateThread
GetDriveTypeW
LocalAlloc
LocalFree
lstrlenW
GetTickCount
CloseHandle
OpenProcess
Sleep
CreateProcessW
lstrcpyW
GetDiskFreeSpaceExW
GetStartupInfoW
WaitForSingleObject
GetVolumeInformationW
GetLastError
CreateEventW
GetModuleHandleW
GetStartupInfoA
SetErrorMode
GetCommandLineW
WideCharToMultiByte
MulDiv
LoadLibraryExW
GetSystemDirectoryW
FreeLibrary
GetProcAddress
LoadLibraryW
PulseEvent

gdi32

SetBkMode
SetBkColor
GetTextExtentPoint32W
ExtTextOutW
SetTextColor

user32

SetCursor
LoadCursorW
TranslateMessage
MsgWaitForMultipleObjects
GetWindowThreadProcessId
FindWindowW
LoadStringW
wsprintfW
ShowWindow
MessageBoxW
EnumWindows
RegisterClassW
DefDlgProcW
DispatchMessageW
SendMessageW
GetDlgItem
SetDlgItemTextW
GetSystemMetrics
GetClientRect
WinHelpW
EnableWindow
SetWindowLongW
GetWindowLongW
SendDlgItemMessageW
IsDialogMessageW
DestroyWindow
CreateDialogParamW
PostMessageW
DrawFocusRect
DrawIconEx
GetSysColor
SetFocus
EndDialog
DialogBoxParamW
PeekMessageW
GetWindowTextW
SetForegroundWindow
LoadIconW

ole32

CoTaskMemAlloc
CoCreateInstance
CLSIDFromString
CoUninitialize
CoInitialize
CoTaskMemFree

oleaut32

VariantInit
VariantClear

shlwapi

ord346
StrCpyNW
StrFormatKBSizeW
StrCmpW
StrCpyW
SHDeleteKeyW
StrToIntW
StrStrIW

comctl32

PropertySheetW
ImageList_Create
CreatePropertySheetPageW
ord17
ImageList_ReplaceIcon

shell32

SHGetFileInfoW
ord680
ShellExecuteW
ExtractIconExW

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a6f2116e3e5421eadb0dd0354e0b8b1

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

ole32

oleaut32

shlwapi

comctl32

shell32

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 512B - Virtual size: 84B

.rsrc Size: 39KB - Virtual size: 39KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 512B - Virtual size: 84B

.rsrc
Size: 39KB - Virtual size: 39KB