4293ad45d815879eb7e35e595df8bdc3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4293ad45d815879eb7e35e595df8bdc3_JaffaCakes118
Size

399KB
MD5

4293ad45d815879eb7e35e595df8bdc3
SHA1

29c0a9d141ea6000521e353428e38d7d1d68821a
SHA256

8236ec9469bc6954430c61f266eef7c9f863d6c9e8b21838ff432ea2e92f155e
SHA512

9a337e94a943b32814fb1c6dfef122d228b4dde6a5296f2ac3681c6b36e50ec0c4b5c940c9193c52c71ac7f186dc75a9680507c73f406d91071bf03cebef2fc4
SSDEEP

12288:6ZnxtXJtD0en6Y1DoqDfnw7gPyM0mcinirwH:6ZDnAVMUqD/c7inirq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4293ad45d815879eb7e35e595df8bdc3_JaffaCakes118

Files

4293ad45d815879eb7e35e595df8bdc3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09e40971018bb945a4a3305ec65a5c51

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadStringW
wsprintfW
MessageBoxW

kernel32

InitializeCriticalSection
LocalAlloc
LocalFree
LeaveCriticalSection
IsBadWritePtr
DisableThreadLibraryCalls
GetProcAddress
EnterCriticalSection
lstrcpynW
lstrlenW
ExpandEnvironmentStringsW
lstrcpyW
GetCommandLineW
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
LoadLibraryA
GetFileSize
GetStartupInfoW
GetStdHandle
HeapCreate
VirtualFree
GetModuleFileNameW
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
HeapAlloc
HeapFree
VirtualAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapDestroy

advapi32

RegEnumKeyExW
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegEnumValueW

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.9e3c
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1o2p
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.16as
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aeas
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.k1kl
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ps1i
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t3ta
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ksi1
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.12i1
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.123f
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eaa
Size: 359KB - Virtual size: 359KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ze
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.1teaX
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.134
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.724
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.182
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.381
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.832
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ii32
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09e40971018bb945a4a3305ec65a5c51

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

advapi32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 1KB

.9e3c Size: 512B - Virtual size: 216B

.1o2p Size: 512B - Virtual size: 216B

.16as Size: 512B - Virtual size: 216B

.aeas Size: 512B - Virtual size: 216B

.k1kl Size: 512B - Virtual size: 216B

.ps1i Size: 512B - Virtual size: 216B

.t3ta Size: 512B - Virtual size: 216B

.ksi1 Size: 512B - Virtual size: 216B

.12i1 Size: 512B - Virtual size: 216B

.123f Size: 512B - Virtual size: 216B

.eaa Size: 359KB - Virtual size: 359KB

.ze Size: 512B - Virtual size: 216B

.1teaX Size: 512B - Virtual size: 216B

.134 Size: 512B - Virtual size: 216B

.724 Size: 512B - Virtual size: 216B

.182 Size: 512B - Virtual size: 216B

.381 Size: 512B - Virtual size: 216B

.832 Size: 512B - Virtual size: 216B

.ii32 Size: 512B - Virtual size: 216B

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 512B - Virtual size: 270B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 1KB

.9e3c
Size: 512B - Virtual size: 216B

.1o2p
Size: 512B - Virtual size: 216B

.16as
Size: 512B - Virtual size: 216B

.aeas
Size: 512B - Virtual size: 216B

.k1kl
Size: 512B - Virtual size: 216B

.ps1i
Size: 512B - Virtual size: 216B

.t3ta
Size: 512B - Virtual size: 216B

.ksi1
Size: 512B - Virtual size: 216B

.12i1
Size: 512B - Virtual size: 216B

.123f
Size: 512B - Virtual size: 216B

.eaa
Size: 359KB - Virtual size: 359KB

.ze
Size: 512B - Virtual size: 216B

.1teaX
Size: 512B - Virtual size: 216B

.134
Size: 512B - Virtual size: 216B

.724
Size: 512B - Virtual size: 216B

.182
Size: 512B - Virtual size: 216B

.381
Size: 512B - Virtual size: 216B

.832
Size: 512B - Virtual size: 216B

.ii32
Size: 512B - Virtual size: 216B

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 512B - Virtual size: 270B