386126e4c1c975eae233c8f67cc81220_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

386126e4c1c975eae233c8f67cc81220_JaffaCakes118
Size

868KB
MD5

386126e4c1c975eae233c8f67cc81220
SHA1

5778b91df95ddede872373dfdb414fbbe133c43f
SHA256

90eb131c568a24ddd15fd7e0ac124aa4cffc80b05eaeec5bc370b356bd1d671a
SHA512

f25862a25a31869b8a06818cd4ec5786db3619107726ad769cc5c83b05d296b0d476896a5bbfe15f2078d7338db46f1f36d5951555a6a26b7107d5ce91e90b73
SSDEEP

24576:gk8BcGurD2dQipc6rKzfd9ncC11Yqz3PpVA:JWma0zVy8OqzfPA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
386126e4c1c975eae233c8f67cc81220_JaffaCakes118

Files

386126e4c1c975eae233c8f67cc81220_JaffaCakes118
.exe windows:4 windows x86 arch:x86

298a5389f3e6753050e1098cc61a6f88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SetErrorInfo
QueryPathOfRegTypeLi

advapi32

SetFileSecurityW
GetServiceDisplayNameA
OpenSCManagerA
DestroyPrivateObjectSecurity
RegCloseKey
RegRestoreKeyW

kernel32

FreeResource
SetProcessAffinityMask
FindNextChangeNotification
ExitProcess
GetTapeParameters
WritePrivateProfileSectionA
CopyFileExW
VirtualProtect
SetFileTime
QueryDosDeviceA
GetACP
LoadLibraryExA
FatalAppExitA
MoveFileW
GetOverlappedResult
GetCurrentProcessId
ReadDirectoryChangesW
MoveFileExA
VirtualUnlock
SuspendThread
GlobalAddAtomA
FillConsoleOutputCharacterA
CompareStringA
DeleteFiber
IsDBCSLeadByteEx
OpenMutexA
EnumResourceNamesA
GlobalUnlock
GetLongPathNameA
GetSystemDirectoryW
WritePrivateProfileSectionW
FindFirstFileW
GetCommState
RemoveDirectoryA
GetThreadPriority
SetConsoleActiveScreenBuffer
ExitThread
GlobalFindAtomW
EnumTimeFormatsW
SetMailslotInfo
GlobalFindAtomA
FreeLibraryAndExitThread
GetSystemTime
CreateProcessA

user32

MsgWaitForMultipleObjectsEx
CharNextExA
ChangeDisplaySettingsExA
SetWindowLongW
MonitorFromRect
GetMenuItemInfoA
RegisterClassA
OpenClipboard
GetWindowLongW
GetInputState
GetCursorPos
GetClipboardOwner
IsCharUpperA
DestroyAcceleratorTable
SetTimer
CharLowerBuffA
CopyImage

version

GetFileVersionInfoA

msvcrt

vwprintf
fgetws
_strnicmp
realloc
atol
fscanf
fgetwc
isxdigit
_cexit
_finite
_wcsnicmp
fputwc
_mbslwr
_get_osfhandle
_dup2
fgets
_getch

Sections

.text
Size: 2KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 619KB - Virtual size: 619KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

298a5389f3e6753050e1098cc61a6f88

Headers

File Characteristics

Imports

oleaut32

advapi32

kernel32

user32

version

msvcrt

Sections

.text Size: 2KB - Virtual size: 251KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 619KB - Virtual size: 619KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 251KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 619KB - Virtual size: 619KB

.rsrc
Size: 17KB - Virtual size: 16KB