75d47e6b673d08fbce3cffdfa5d47ba1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

75d47e6b673d08fbce3cffdfa5d47ba1_JaffaCakes118
Size

5.7MB
MD5

75d47e6b673d08fbce3cffdfa5d47ba1
SHA1

9dec186ee77fcf14a2c32d112daecba19215e154
SHA256

42f815b6998d571d9001aea2679531094e1e3d0b74f3bd77cf3ce95f9d801bdf
SHA512

3755a8debd62fca1d9b8daf4747ac05285250571840979db0dd17bc5bb819f7103478af37a1c08c3515ef4711c1ea5e058fec85985439a4a3c44b3b4b3f75fc8
SSDEEP

98304:q9KixXOcCzoFFOwBHFwpRGWcHTpMsc7oKiLIejw+zCPXDJWhxLACv:qUyXO+FuDIOZ7ox3ziJyj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75d47e6b673d08fbce3cffdfa5d47ba1_JaffaCakes118

Files

75d47e6b673d08fbce3cffdfa5d47ba1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb0a25572ef46c3c77f9b295424fb4d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceLanguagesW
GlobalAddAtomW
SetNamedPipeHandleState
GlobalReAlloc
ConnectNamedPipe
GlobalGetAtomNameW
FindResourceExA
VirtualAllocEx
WritePrivateProfileStringW
PulseEvent
AreFileApisANSI
SystemTimeToFileTime
WriteConsoleOutputCharacterA
FormatMessageW
GetLongPathNameA
LoadLibraryExW
PeekConsoleInputW
PrepareTape
lstrcatW
SetConsoleCursorPosition
FindFirstFileExW
SetLastError
CreateFileW
OutputDebugStringA
GetAtomNameA
CreateEventA
WriteConsoleOutputW
ExpandEnvironmentStringsW
SetThreadPriorityBoost
SetEnvironmentVariableW
GetBinaryTypeA
OpenSemaphoreW
SetHandleCount
ReadConsoleOutputA
GetThreadPriority
WritePrivateProfileStringA
CreatePipe
LocalSize
SetEndOfFile
CloseHandle
SetProcessAffinityMask
FatalAppExitA
SetTimeZoneInformation
GetEnvironmentStringsW
SetSystemTime
EnumDateFormatsW
GetDiskFreeSpaceW
FreeLibrary
LCMapStringA
GetModuleHandleA
ExitProcess

user32

GetWindowRgn
MapVirtualKeyA
EnableMenuItem
LoadImageW
SetWindowWord
SetActiveWindow
GetParent
CreateDesktopW
GetTitleBarInfo
RegisterDeviceNotificationA
CharUpperBuffW
SetMenuItemInfoA
OpenWindowStationA
ChildWindowFromPointEx
PeekMessageA
OpenClipboard
AppendMenuW
MsgWaitForMultipleObjects
GetClassNameW
DefMDIChildProcA
GetMessageTime
GetProcessWindowStation
DestroyMenu
CharUpperW
IsChild
CreateDialogIndirectParamW
EnumChildWindows
GetKeyboardType

advapi32

QueryServiceObjectSecurity
MakeAbsoluteSD
EnumServicesStatusW
RegEnumValueA
RegQueryInfoKeyW
GetServiceDisplayNameA
RegRestoreKeyW
FreeSid
CreateServiceW
ChangeServiceConfigW
RegCreateKeyA
CryptGenRandom
SetFileSecurityA
RegQueryValueW
ImpersonateSelf
RegEnumValueW
GetServiceKeyNameW
ReportEventA
RegQueryInfoKeyA
CopySid
CryptSetHashParam

version

VerFindFileA

msvcrt

_strnicmp
isleadbyte
_open
gmtime
mktime
_access
putchar
_open_osfhandle
__p___argv
wcscmp
_beginthreadex
abort
_ismbblead
fclose
_vsnprintf
_getpid
_fullpath
_tzset
isalnum
_strrev
ftell
_close
_mbsicmp
_wsystem
_mbsdec

Sections

.text
Size: 5KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb0a25572ef46c3c77f9b295424fb4d0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

version

msvcrt

Sections

.text Size: 5KB - Virtual size: 225KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 5.5MB - Virtual size: 5.5MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 5KB - Virtual size: 225KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 5.5MB - Virtual size: 5.5MB

.rsrc
Size: 17KB - Virtual size: 16KB