247c4a2d2dc93d40698b0678e78d4b5e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

247c4a2d2dc93d40698b0678e78d4b5e_JaffaCakes118
Size

101KB
MD5

247c4a2d2dc93d40698b0678e78d4b5e
SHA1

4a2c84a6f548745d54dac8c663148c60e617ffe1
SHA256

18270f720e6b61308e43fb0ab628ae7f60629d5b338c34da0c0afebb14f68e64
SHA512

80a42c35703106dc4cdac69fc6f8852615339c299d02a2a910a4aac0ac9fe93d0c28054b31b29bc664b59ee78d40ca373e6eb25d49c21c188043723949c07e9f
SSDEEP

3072:5Jb8+1KC98T2lcvr/4AHU+Cte+yI0WKsehy4lVX:5Fdf8TMAj4AHU+CkxFsehx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
247c4a2d2dc93d40698b0678e78d4b5e_JaffaCakes118

Files

247c4a2d2dc93d40698b0678e78d4b5e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cdb9e86ac6d1c4d0da4a6d5d1e088130

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveInGetNumDevs
waveInGetDevCapsA
mixerOpen
mixerGetNumDevs
mixerGetID
mixerGetDevCapsA
mixerClose

setupapi

SetupDiCallClassInstaller
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceInterfaceDetailA
SetupDiSetClassInstallParamsA
SetupDiDestroyDeviceInfoList

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteValueA
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
InitializeSecurityDescriptor
InitializeAcl
GetLengthSid
FreeSid
AllocateAndInitializeSid
SetSecurityDescriptorDacl

user32

PostMessageA
LoadStringA
LoadImageA
LoadIconA
LoadCursorA
InsertMenuItemA
GetWindow
GetSysColor
GetMessageA
PostQuitMessage
GetDesktopWindow
GetDC
GetCursorPos
GetClassNameA
DispatchMessageA
DestroyMenu
DefWindowProcA
CreateWindowExA
CreatePopupMenu
ReleaseDC
SendMessageA
SetForegroundWindow
ShowWindow
SystemParametersInfoA
TranslateMessage
GetMenuCheckMarkDimensions
RegisterClassA

kernel32

SetHandleCount
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WideCharToMultiByte
WinExec
WriteFile
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA
SetEvent
SearchPathA
RtlUnwind
MultiByteToWideChar
LocalFree
LocalAlloc
LoadLibraryA
LCMapStringA
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GetVersionExA
GetVersion
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProcAddress
GetOEMCP
WaitForSingleObject
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetFileType
GetEnvironmentStringsA
GetCommandLineA
GetACP
CloseHandle
CreateEventA
CreateMutexA
CreateProcessA
ExitProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW

Sections

.text
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cdb9e86ac6d1c4d0da4a6d5d1e088130

Headers

File Characteristics

Imports

winmm

setupapi

advapi32

user32

kernel32

Sections

.text Size: 87KB - Virtual size: 88KB

.data Size: 9KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 4KB

.text
Size: 87KB - Virtual size: 88KB

.data
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB