7173ee59d306a224cf7b23e1d324bb57_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7173ee59d306a224cf7b23e1d324bb57_JaffaCakes118
Size

183KB
MD5

7173ee59d306a224cf7b23e1d324bb57
SHA1

f6d1c7166d5681c504630aec27813c929b169cbe
SHA256

1644e32d20b2d343fa32f806337254f624243234da83a3e21b0d8c61a62c05b3
SHA512

b7a8eeae95b6992a8cf5fe44a568bb662459e1434dd856a55a2c231dffa0875ad684040b85eb8bb402bf3d5806f69e8edbf94e5dcce3a05b97a8c4f339ef1e94
SSDEEP

3072:Mf3ZM5wD0eDxS7txhF7BiOk+5cOWAuEA7LNr3lsT6O8vaUO/NwbX850pMIWqojEW:SpM5MSJxhdBiOk+5cOvA7LR46O8v5Zit

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7173ee59d306a224cf7b23e1d324bb57_JaffaCakes118

Files

7173ee59d306a224cf7b23e1d324bb57_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0078910ffb1a5af130aa95ee95c48c47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegCloseKey
RegSetValueW
RegQueryValueExW
RegSetValueExW
RegCreateKeyW
RegDeleteKeyW
RegEnumKeyExW

user32

RegisterClassExW
RegisterDeviceNotificationW
KillTimer
CreateWindowExW
SetTimer
UnregisterDeviceNotification
LoadCursorW
SendMessageW
IsWindow
DestroyWindow
DefWindowProcW
wsprintfW

shlwapi

PathAddBackslashW
PathFindExtensionW
PathRemoveExtensionW
PathGetDriveNumberW
PathFileExistsW
PathFindFileNameW

ole32

CoGetProcessIdentifier
StringFromGUID2
CoTaskMemFree
CoInitialize
GetRunningObjectTable
CoFreeUnusedLibraries
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CreateItemMoniker

kernel32

GlobalFree
GetCalendarInfoW
InterlockedCompareExchange
GetSystemDirectoryA
WideCharToMultiByte
WaitForSingleObject
GetCurrentProcess
SetCurrentDirectoryA
GetEnvironmentVariableW
GetProfileStringW
GetModuleFileNameA
TlsFree
TerminateProcess
CreateSemaphoreA
QueryPerformanceCounter
DeleteFileW
ReleaseMutex
GetFileSize
UnhandledExceptionFilter
CreateMutexA
GetCurrentDirectoryA
EnumResourceNamesA
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcmpW
TlsSetValue
GetCurrentThreadId
MultiByteToWideChar
ReadFile
InitializeCriticalSection
GlobalAlloc
lstrlenW
GlobalLock
GetTempPathW
GlobalSize
IsDebuggerPresent
ReleaseSemaphore
SetUnhandledExceptionFilter
GetProcAddress
GetWindowsDirectoryA
TlsGetValue
GetLocalTime
GlobalUnlock
RaiseException

wmvcore

WMCreateProfileManager

ddraw

DirectDrawCreateEx

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0078910ffb1a5af130aa95ee95c48c47

Headers

File Characteristics

Imports

advapi32

user32

shlwapi

ole32

kernel32

wmvcore

ddraw

Sections

.text Size: 105KB - Virtual size: 104KB

.rdata Size: 2KB - Virtual size: 2KB

.bss Size: 74KB - Virtual size: 73KB

.edata Size: 1024B - Virtual size: 248KB

.text
Size: 105KB - Virtual size: 104KB

.rdata
Size: 2KB - Virtual size: 2KB

.bss
Size: 74KB - Virtual size: 73KB

.edata
Size: 1024B - Virtual size: 248KB