3934baf4cffed2d1fd6239efc2bff294_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3934baf4cffed2d1fd6239efc2bff294_JaffaCakes118
Size

429KB
MD5

3934baf4cffed2d1fd6239efc2bff294
SHA1

923d37633209c9b6fa66a28995343e08ff44c466
SHA256

57dbc67687978203443b1750f05aae567c7671412fc09f6082977d80b8b6fca1
SHA512

9a200afa093932ab9f7ef4181c866e089afc2125a7d35b56775a800d6e7b9f318a373ceb9921a0e719e942349fbd474f4b15c0874da33b12dd4dbb5cb8e5f69b
SSDEEP

1536:M88dF9B/DBSaC/MiQnpVpPZMzDxP7ErpdKsFv+XZ9wl3deoJ9KLq:MJB/gaLNpVpPZMzBErXKsh+pk3deej

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3934baf4cffed2d1fd6239efc2bff294_JaffaCakes118

Files

3934baf4cffed2d1fd6239efc2bff294_JaffaCakes118
.exe windows:4 windows x86 arch:x86

232aaa76d17c776c9c853c5a07012a13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadProcessMemory
MultiByteToWideChar
GetPriorityClass
GetFileType
GetExitCodeThread
GetVersion
OpenProcess
GetTempPathA
Process32First
GetDiskFreeSpaceExW
LocalHandle
GetFileAttributesExW
GetDriveTypeA
ExitProcess
DisableThreadLibraryCalls
GetVersionExW
GetWindowsDirectoryA
GetModuleHandleA
CloseHandle
GetFullPathNameA
GetLogicalDrives
EnumSystemLocalesA
GetProcAddress
LoadModule
CreateToolhelp32Snapshot
GetModuleHandleA
LoadLibraryA
GetFileSizeEx
GetCurrentThread
LockFile
GetCurrentProcess
WriteProcessMemory
MoveFileExW
Process32Next
MoveFileExA
GlobalLock
GetModuleFileNameA
GetDiskFreeSpaceA

user32

ShowWindow
UpdateWindow
DefWindowProcA
GetShellWindow
GetKeyState
DdeQueryStringW
FindWindowW
CreateWindowExA
DdeFreeStringHandle
RegisterClassExA
DispatchMessageA
TranslateMessage
DdeCreateStringHandleW
GetMessageA
EnumWindows
DeleteMenu
DestroyCursor
CharLowerW

advapi32

RegDeleteValueW
DestroyPrivateObjectSecurity
SetSecurityInfo
CreateProcessAsUserW
CryptGetKeyParam
DeleteAce
GetSecurityDescriptorLength
RegOpenKeyExA
AddAce
SetSecurityDescriptorSacl
RegRestoreKeyA

shell32

SHBrowseForFolderA
Shell_NotifyIconA
SHGetDiskFreeSpaceExW
SHGetDiskFreeSpaceExA
SHGetDataFromIDListA
CheckEscapesW
CommandLineToArgvW
StrStrW
ShellAboutW
Shell_NotifyIconW
DllRegisterServer
SHGetDiskFreeSpaceA
SHQueryRecycleBinW

gdi32

SetWindowOrgEx
ModifyWorldTransform
GetOutlineTextMetricsW
EndPage
SetPixel
UpdateColors
DeleteMetaFile
SetMapMode
CreateDCA
SetPaletteEntries
GetGraphicsMode

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oli
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

232aaa76d17c776c9c853c5a07012a13

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

gdi32

Sections

.text Size: 120KB - Virtual size: 120KB

.data Size: 212KB - Virtual size: 212KB

.idata Size: 88KB - Virtual size: 88KB

.rdata Size: 4KB - Virtual size: 4KB

.aspack Size: 4KB - Virtual size: 4KB

.adata Size: - Virtual size: 4KB

.oli Size: - Virtual size: 4KB

.text
Size: 120KB - Virtual size: 120KB

.data
Size: 212KB - Virtual size: 212KB

.idata
Size: 88KB - Virtual size: 88KB

.rdata
Size: 4KB - Virtual size: 4KB

.aspack
Size: 4KB - Virtual size: 4KB

.adata
Size: - Virtual size: 4KB

.oli
Size: - Virtual size: 4KB