1c186f01de5b2c94942e630f4f777d18_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1c186f01de5b2c94942e630f4f777d18_JaffaCakes118
Size

697KB
MD5

1c186f01de5b2c94942e630f4f777d18
SHA1

2ed4384640595888c23d90859180d95a64b1f504
SHA256

d3d07d5f9818f7531fa667fefeae8627bb5141c538973624d6c4e403387191b1
SHA512

bc41502b306a20eb99a14a4511a71b37dd25a0e7f43588a80979cc85e2702f558da28213a77585dac3e8005ca215ddc6625b4f2148f6998dcbc57766d5ffc616
SSDEEP

12288:iPPMnQwGCh8TBgsy3h8VJO5hWzRzONjx5dFacPes8FFi3PpXG1/licdVhANT7yk6:EtwNaBg3IOxNjLdF+UG1/lDdVhkCkMPD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c186f01de5b2c94942e630f4f777d18_JaffaCakes118

Files

1c186f01de5b2c94942e630f4f777d18_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8ff2470324f9e29a728a2a2ab69586a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__fmode
_cexit
_exit
_stricmp
wcslen
wcscpy
wcscmp
__getmainargs
strspn
strpbrk
srand
realloc
rand
free
fprintf
__p__commode
exit

setupapi

SetupInstallServicesFromInfSectionExA
SetupInitializeFileLogW
SetupDiDestroyDriverInfoList

kernel32

CompareStringA
lstrcpyA
lstrcmpA
lstrcatA
VirtualFree
VirtualAlloc
SetProcessWorkingSetSize
GlobalUnlock
GetProcessWorkingSetSize
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
ExitProcess
CreateProcessA
LoadLibraryA
CloseHandle

advapi32

ReportEventA
AbortSystemShutdownA
RegQueryInfoKeyA
GetNamedSecurityInfoA
SetFileSecurityA

user32

CharLowerA
CharPrevA
CharUpperW
EnumPropsA
EqualRect
ExitWindowsEx
GetKeyboardState
GetUserObjectSecurity
MapVirtualKeyW
PostMessageA
RegisterWindowMessageA
SendMessageTimeoutW
UnpackDDElParam
VkKeyScanW
WINNLSGetEnableStatus
WinHelpW

Sections

.text
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 503KB - Virtual size: 504KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rata
Size: 153KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8ff2470324f9e29a728a2a2ab69586a7

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

setupapi

kernel32

advapi32

user32

Sections

.text Size: 37KB - Virtual size: 40KB

.data Size: 503KB - Virtual size: 504KB

.rata Size: 153KB - Virtual size: 156KB

.bss Size: - Virtual size: 16KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 37KB - Virtual size: 40KB

.data
Size: 503KB - Virtual size: 504KB

.rata
Size: 153KB - Virtual size: 156KB

.bss
Size: - Virtual size: 16KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB