Static task: static1
Behavioral task: behavioral1
  Sample: 6a1025ba73443a28fb6aa0c36aa458ea_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 6a1025ba73443a28fb6aa0c36aa458ea_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
  Target: 6a1025ba73443a28fb6aa0c36aa458ea_JaffaCakes118
  Size: 500KB
  MD5: 6a1025ba73443a28fb6aa0c36aa458ea
  SHA1: 24e24ecd8479c0bc89a5f67eac5e072102f459f6
  SHA256: a37b47551a42f9398229811fed48eea4fba788679b8d68d1b3ad1795003d0cf9
  SHA512: af611faa48d094aabc67edca5fd9d9c20bd60786a45e70a95aef1a1909d10cd23bc6ec593f50e131f5eda2d75d60d028cce2632423967fe01e8b6c1a165c58b5
  SSDEEP: 12288:lESXh75mMLg5CqBqyCanupHMqEc1/acNFFscN:lj2BqylnhqEQaOdN
Malware Config
Signatures
  Unsigned PE (1 IoCs)
    Checks for missing Authenticode signature.
    resource: 6a1025ba73443a28fb6aa0c36aa458ea_JaffaCakes118
Files
6a1025ba73443a28fb6aa0c36aa458ea_JaffaCakes118.exe windows:4 windows x86 arch:x86
eed6f3a42a8566f0004cdccd7aece0eb
Headers
File Characteristics:
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
comctl32:
  ImageList_DragLeave
gdi32:
  WidenPath
  CreateDIBPatternBrushPt
  CreatePatternBrush
  TextOutW
  StretchDIBits
  StrokePath
kernel32:
  EnumResourceNamesW
  GetCommConfig
  GetBinaryTypeA
  SetStdHandle
  GetTempPathW
  SystemTimeToFileTime
  LoadLibraryExW
  WritePrivateProfileStructA
  FindResourceExA
  ReadConsoleInputW
  ReleaseMutex
  GetLocaleInfoW
  OpenFile
  GetLogicalDriveStringsA
  GetHandleInformation
  CancelIo
  LocalSize
  WritePrivateProfileStringW
  CreateEventA
  GetStartupInfoA
  lstrcpyA
  SetThreadAffinityMask
  QueryDosDeviceW
  GetFullPathNameA
  WaitNamedPipeA
  FindCloseChangeNotification
  CreatePipe
  _lopen
  SetEvent
  GlobalFlags
  SetLastError
  VirtualAlloc
  VirtualQueryEx
  SearchPathW
  ExitProcess
  GetFileAttributesA
  GetWindowsDirectoryA
  GetFileType
  SetProcessShutdownParameters
  SuspendThread
  GetDiskFreeSpaceExA
  SetConsoleMode
  SetCurrentDirectoryA
advapi32:
  SetSecurityDescriptorSacl
  NotifyBootConfigStatus
  GetNamedSecurityInfoW
  CryptGetHashParam
  MakeAbsoluteSD
  CryptGetKeyParam
  LookupAccountSidA
  CreatePrivateObjectSecurity
  LookupAccountNameA
  SetFileSecurityW
  FreeSid
  RegisterEventSourceW
  GetSecurityInfo
  RegEnumKeyW
  RegOpenKeyExW
  RegConnectRegistryA
version:
  VerQueryValueA
user32:
  DestroyMenu
  SetDlgItemTextA
  SendMessageTimeoutW
  FillRect
  CreateCaret
msvcrt:
  _endthread
  _tempnam
  _wspawnvp
  _mbsstr
  _putws
  calloc
  _strncoll
  _strupr
  _dup
  fputs
  _sopen
  floor
  iswdigit
  iswprint
  _mbctolower
  sscanf
  atoi
  strftime
  strncat
  _read
  toupper
  _strnicmp
  strstr
Sections
.text Size: 8KB - Virtual size: 224KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.text Size: 512B - Virtual size: 6B
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 249KB - Virtual size: 248KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ