289c4055c2fa0e7453d8d4dc3c59e37a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

289c4055c2fa0e7453d8d4dc3c59e37a_JaffaCakes118
Size

438KB
MD5

289c4055c2fa0e7453d8d4dc3c59e37a
SHA1

5b493ca4b88111bc048bfe3cfaf161095f0662fa
SHA256

54fadae6e5ef62b13ddbdb04a3d41b28775f13e8d1a67688f9bda9b5520cf108
SHA512

f54414cff2b5e3830a2cef8e13662bf5487c1a2c7f78eb0d7886e69bacb1ae7bf912feaa96f1f69674872378efac2422f91ddceb361087483fdb60672f232f91
SSDEEP

12288:cMbnfyLLJgLZEjqH6lPZyVFYwaNNcQ9A:cmniCLZEjOyyYwql9A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
289c4055c2fa0e7453d8d4dc3c59e37a_JaffaCakes118

Files

289c4055c2fa0e7453d8d4dc3c59e37a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

912d880cf9a485bda665a1e03688470f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyW
NotifyBootConfigStatus
QueryServiceLockStatusW
RegQueryInfoKeyA
IsValidAcl
ObjectCloseAuditAlarmA
RegSaveKeyA

gdi32

ExtEscape
ChoosePixelFormat
SetLayout
GetFontData
StrokePath
EnumMetaFile
SetMetaFileBitsEx
SetColorAdjustment
CloseMetaFile
CopyMetaFileA
ArcTo
GdiGetBatchLimit
GetNearestPaletteIndex
GetPixel
MaskBlt
GetROP2
CancelDC
SetLayout
GetOutlineTextMetricsW
GetTextExtentExPointA
EnumICMProfilesA
GetTextExtentPointW

user32

ExitWindowsEx
CreateMDIWindowW
DrawIconEx
SetLastErrorEx
GetListBoxInfo
DefFrameProcW
DrawCaptionTempW
GetMenuItemCount
DdeQueryStringA
MapWindowPoints
MessageBeep
LoadKeyboardLayoutW
SendDlgItemMessageA
WinHelpA
SetMessageExtraInfo
IsWindow
IsChild
PostMessageA
IsMenu
MonitorFromWindow
GetMenuDefaultItem
IMPGetIMEA

msvcrt

_wgetcwd
tolower
_mbsnbcnt
_safe_fprem1
_beep
_adj_fdivr_m32
islower
_umask
_mbsnbicoll
memmove
_fdopen
_mbsnbset
_spawnv
gmtime
getc
_y0
_wfullpath
_rmtmp
_logb
__p__wenviron
__p___winitenv
isupper
_mbsnccnt

kernel32

GetModuleHandleA
DeleteCriticalSection
FileTimeToSystemTime
GetPrivateProfileSectionNamesW
VirtualAlloc
ExitProcess
Sleep
VirtualFree
GetCommandLineW
GetTickCount
GetQueuedCompletionStatus
GetComputerNameA
SystemTimeToFileTime
LoadLibraryW
GetCalendarInfoA
GetACP
GlobalReAlloc
SetErrorMode
GetStartupInfoW
GetCurrentProcess
GetStartupInfoW
FindFirstChangeNotificationW

Sections

.text
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0001
Size: 41KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0002
Size: 43KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0003
Size: 44KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0004
Size: 41KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0005
Size: 42KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0006
Size: 42KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0007
Size: 119KB - Virtual size: 13.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

912d880cf9a485bda665a1e03688470f

Headers

File Characteristics

Imports

advapi32

gdi32

user32

msvcrt

kernel32

Sections

.text Size: 23KB - Virtual size: 24KB

.data Size: 42KB - Virtual size: 46KB

.0001 Size: 41KB - Virtual size: 45KB

.0002 Size: 43KB - Virtual size: 50KB

.0003 Size: 44KB - Virtual size: 51KB

.0004 Size: 41KB - Virtual size: 46KB

.0005 Size: 42KB - Virtual size: 48KB

.0006 Size: 42KB - Virtual size: 48KB

.0007 Size: 119KB - Virtual size: 13.0MB

.text
Size: 23KB - Virtual size: 24KB

.data
Size: 42KB - Virtual size: 46KB

.0001
Size: 41KB - Virtual size: 45KB

.0002
Size: 43KB - Virtual size: 50KB

.0003
Size: 44KB - Virtual size: 51KB

.0004
Size: 41KB - Virtual size: 46KB

.0005
Size: 42KB - Virtual size: 48KB

.0006
Size: 42KB - Virtual size: 48KB

.0007
Size: 119KB - Virtual size: 13.0MB