1be799fbb7810304412d1d7f6766ac42_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1be799fbb7810304412d1d7f6766ac42_JaffaCakes118
Size

76KB
MD5

1be799fbb7810304412d1d7f6766ac42
SHA1

19ba44b24e769a428351b74b50d7bc4dc70b7f39
SHA256

93f9ad29d6ddf3c4bd9f804d0f77bcb927ac620f0e169bc78b1a6c94d289881b
SHA512

5021129179d9a0ec4403bd8ad7f97cdf6008ed158de2f4760c6366b0610d9bd68e882f165fd8e2a652dc338f304d14c027d77ded0c9bc2258cb666ee2bbb0800
SSDEEP

768:N6ZSxA12JIPBbMlFjZOtMNJvGyFU7bS08ZPzHNYM/rrNs/sHzrXFgxCkC5HVYPC+:y175IlFjct4/GbT8LHNnrrqc2yHyP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1be799fbb7810304412d1d7f6766ac42_JaffaCakes118

Files

1be799fbb7810304412d1d7f6766ac42_JaffaCakes118
.exe windows:5 windows x86 arch:x86

536776597003bbefce750fe0e7e4f144

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
HeapAlloc
GetProcAddress
GetModuleHandleA
LoadLibraryA
InterlockedDecrement
LocalFree
InterlockedIncrement
GetVersionExW
UnhandledExceptionFilter

user32

GetWindowTextLengthW
SetScrollPos
EnableWindow
EndPaint
EndMenu
EndDialog
EndDeferWindowPos
EnableScrollBar
EnableMenuItem
EmptyClipboard
CloseClipboard
ClipCursor
ClientToScreen
ChildWindowFromPointEx
ChildWindowFromPoint
DialogBoxParamW
CreateDialogParamW
GetWindowTextW
SetWindowPos
SetCursor
SetForegroundWindow
FindWindowW
GetSystemMetrics
MoveWindow
SendMessageW
CharNextW
CheckMenuItem
CharPrevExA
CharPrevW
CharToOemA
CharToOemBuffA
CharToOemBuffW
CheckDlgButton
CheckMenuRadioItem
CheckRadioButton
CopyIcon
CopyImage
EnumChildWindows

gdi32

SetAbortProc
GetTextMetricsW
SetBkMode
StartDocW
SetWindowExtEx
SetViewportExtEx
SetMapMode
CreateFontIndirectW
StartPage
LPtoDP
AbortDoc
EndDoc
DeleteDC
TextOutW
GetTextExtentPoint32W
CreateDCW
SelectObject
GetTextFaceW
EndPage

advapi32

RegOpenKeyW
RegOpenKeyA

msi

ord55

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xata1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xata2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xata3
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xata4
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xata5
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xata6
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

536776597003bbefce750fe0e7e4f144

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msi

Sections

.text Size: 44KB - Virtual size: 43KB

.data Size: 512B - Virtual size: 488B

xata1 Size: 4KB - Virtual size: 3KB

xata2 Size: 4KB - Virtual size: 3KB

xata3 Size: 4KB - Virtual size: 3KB

xata4 Size: 4KB - Virtual size: 3KB

xata5 Size: 4KB - Virtual size: 3KB

xata6 Size: 4KB - Virtual size: 3KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 1024B - Virtual size: 744B

.text
Size: 44KB - Virtual size: 43KB

.data
Size: 512B - Virtual size: 488B

xata1
Size: 4KB - Virtual size: 3KB

xata2
Size: 4KB - Virtual size: 3KB

xata3
Size: 4KB - Virtual size: 3KB

xata4
Size: 4KB - Virtual size: 3KB

xata5
Size: 4KB - Virtual size: 3KB

xata6
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 1024B - Virtual size: 744B