2267ce658b24f31f5d212ecff540dbcd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2267ce658b24f31f5d212ecff540dbcd_JaffaCakes118
Size

36KB
MD5

2267ce658b24f31f5d212ecff540dbcd
SHA1

292f673da37e1151fe22f615dfd64a0abdb3031b
SHA256

bef03b759d201e8f6533bf0e861cfe2d4e515b4e2c8d7da70b66df649a90d8b3
SHA512

68181b198ad43ce2be26924bc863b9a67dc4fd27dd31267198266b8204a5e377c0c26b460cd12c86b7fe0322f62fbdfed6afaa2d73996845ac14c610927a3dce
SSDEEP

384:m14AoVwAqRgZmlZ178iyXALEGTq6oQneELgrYfxqDHHEVWyh:N+Al7iG7Eq6oBEL8iqDHHEzh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2267ce658b24f31f5d212ecff540dbcd_JaffaCakes118

Files

2267ce658b24f31f5d212ecff540dbcd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

68aadaf70f46695b55eda21b20a9748f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
LocalFree
FormatMessageA
CreateThread
WaitForMultipleObjects
CreateEventA
GetWindowsDirectoryA
GetVersionExA
GetStringTypeA
LCMapStringW
OpenProcess
MultiByteToWideChar
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
WriteFile
RtlUnwind
GetLastError
CloseHandle
LCMapStringA
TerminateProcess
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStringTypeW
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA

user32

DialogBoxParamA
GetDesktopWindow
GetWindowTextA
EnumWindows
PostMessageA
MessageBoxA
UnregisterDeviceNotification
KillTimer
PostQuitMessage
ShowWindow
UpdateWindow
EndDialog
SetTimer
RegisterDeviceNotificationA

advapi32

RegQueryValueExA
RegDeleteValueA
RegOpenKeyExA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize

oleaut32

SysFreeString

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiOpenDeviceInterfaceA
SetupDiGetDeviceInterfaceDetailA
SetupDiCreateDeviceInfoList

ovtwia

TakeWiaPicture

psapi

GetModuleFileNameExA
EnumProcessModules
EnumProcesses

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

68aadaf70f46695b55eda21b20a9748f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

setupapi

ovtwia

psapi

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 8KB