453297180e2d5ed9acaf248ee327df72_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

453297180e2d5ed9acaf248ee327df72_JaffaCakes118
Size

919KB
MD5

453297180e2d5ed9acaf248ee327df72
SHA1

683532d88fdd2809f861abb943cf1fd36e9a9c89
SHA256

acc2d19921d91249927f0b11e7208b32f7e5c5e82819730996bef06b6c8e4e69
SHA512

77c6ad1d494d2578f0218e347fa35bffca1211b7d9c79c443df5664b5a594cac6db2524c5e42f21431f9125feb7bbad0639e91a001d00b309a67661116ea7c0e
SSDEEP

24576:AooIl7oQqYCn6ji/AQswJL+kmMmd5Gkp7orCisN:yW7PqH6jiIm+kEfGi7orCi0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
453297180e2d5ed9acaf248ee327df72_JaffaCakes118

Files

453297180e2d5ed9acaf248ee327df72_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2312ebcfd409e267d0d987d9f9fef97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetPathFromIDListA
SHGetDesktopFolder
DragQueryPoint
FindExecutableA

user32

SetMenuItemBitmaps
GetClipboardSequenceNumber
OffsetRect
EndDeferWindowPos
CharLowerA
SetScrollPos
SetCursorPos
DrawStateA
DrawEdge
BeginDeferWindowPos
OpenClipboard
GetMenuItemID
GetWindow
GetClassNameA

advapi32

RegDeleteValueA
RegSetValueA
RevertToSelf
OpenServiceA
CryptImportKey
ControlService
RegGetKeySecurity
SetSecurityDescriptorOwner
RegQueryValueExW
StartServiceCtrlDispatcherA
RegOpenKeyA
GetSecurityDescriptorGroup
RegQueryValueW

kernel32

GetThreadContext
GetFileAttributesA
SetThreadAffinityMask
FindResourceExA
MoveFileW
FormatMessageA
CreateDirectoryExA
WritePrivateProfileStringA
OpenSemaphoreW
WritePrivateProfileStringW
GetEnvironmentStringsW
GetTempPathW
OutputDebugStringW
SetHandleCount
GetProfileIntA
GetProcessTimes
GetPrivateProfileStringW
SetConsoleTitleA
GlobalDeleteAtom
ExitProcess
lstrcpynA
VirtualAllocEx
QueryDosDeviceA
EnumResourceNamesW
DeleteFiber
GetComputerNameW
OpenFile
EnumResourceLanguagesW
GetHandleInformation
WriteConsoleOutputCharacterA
GlobalFree
GetProcessHeap
GetConsoleCursorInfo
GetSystemInfo
_llseek
GlobalFindAtomA
AreFileApisANSI
VirtualProtect
CancelIo
EnumSystemCodePagesA
CompareStringW
CreateMutexW
RemoveDirectoryW
VirtualUnlock
GetDriveTypeA
EndUpdateResourceA
GetCPInfo
SetErrorMode
GetSystemTimeAsFileTime
VirtualQueryEx
WritePrivateProfileSectionA
GlobalUnlock
GetCommConfig
_lclose
SetConsoleActiveScreenBuffer
GetStringTypeExW
EnumCalendarInfoA

msvcrt

__p___argc
strchr
_wpopen
fputc
_wfullpath
rand
wcscpy
_mbsrchr
_wgetenv
_open
_isctype

Sections

.text
Size: 2KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 618KB - Virtual size: 618KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2312ebcfd409e267d0d987d9f9fef97

Headers

File Characteristics

Imports

shell32

user32

advapi32

kernel32

msvcrt

Sections

.text Size: 2KB - Virtual size: 251KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 618KB - Virtual size: 618KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 251KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 618KB - Virtual size: 618KB

.rsrc
Size: 17KB - Virtual size: 16KB