724324dad1a962913a26e00624b77d0e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

724324dad1a962913a26e00624b77d0e_JaffaCakes118
Size

9.9MB
MD5

724324dad1a962913a26e00624b77d0e
SHA1

3756e09d208a67373e85b2b232847d3d63d9c353
SHA256

8db23ff60ca831aaf6d64b76fd47e0d0fac64ca66d5554cecd702e9aebf59f77
SHA512

54a96a39321012ef94930e02aa1fe9fbab2cd967bc2d53f0a3c6937fc96051edc2dbfe5517597d3141a0e7b3222d3612985beb50a9ebb55dba90a887ea10eac9
SSDEEP

196608:tB8LB34KlXKUaXCIndQFuXL4Zq44fMYPWmZhcKLLWeBUkVKyF:QL2Kl9aXC4dQkvPWm7cMLWI1B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
724324dad1a962913a26e00624b77d0e_JaffaCakes118

Files

724324dad1a962913a26e00624b77d0e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7d101c913756120b49e2fb5a0b8a5335

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetVersion
GetVersionExW
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

advapi32

RegSetValueExW

comctl32

ImageList_GetImageInfo

comdlg32

GetOpenFileNameW

gdi32

Pie

mpr

WNetGetConnectionW

msvcrt

wcstombs

netapi32

NetWkstaGetInfo

ole32

StgCreateDocfileOnILockBytes

oleaut32

SafeArrayPutElement

shell32

SHBrowseForFolderW

shfolder

SHGetFolderPathW

shlwapi

PathMatchSpecW
PathIsRelativeW

user32

CopyImage
GetUserObjectInformationW
GetProcessWindowStation
GetUserObjectInformationW

version

GetFileVersionInfoSizeW

winhttp

WinHttpGetIEProxyConfigForCurrentUser

wininet

InternetCloseHandle

winmm

PlaySoundA

winspool.drv

DocumentPropertiesW

wsock32

send

wtsapi32

WTSSendMessageW

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: - Virtual size: 9.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 824KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 157B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 292B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 733KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 9.8MB - Virtual size: 9.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d101c913756120b49e2fb5a0b8a5335

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

comdlg32

gdi32

mpr

msvcrt

netapi32

ole32

oleaut32

shell32

shfolder

shlwapi

user32

version

winhttp

wininet

winmm

winspool.drv

wsock32

wtsapi32

Exports

Exports

Sections

.text Size: - Virtual size: 9.2MB

.itext Size: - Virtual size: 23KB

.data Size: - Virtual size: 152KB

.bss Size: - Virtual size: 824KB

.idata Size: - Virtual size: 20KB

.didata Size: - Virtual size: 26KB

.edata Size: - Virtual size: 157B

.tls Size: - Virtual size: 292B

.rdata Size: - Virtual size: 93B

.reloc Size: - Virtual size: 733KB

.vmp0 Size: - Virtual size: 5.3MB

.vmp1 Size: 9.8MB - Virtual size: 9.8MB

.rsrc Size: 36KB - Virtual size: 36KB

.text
Size: - Virtual size: 9.2MB

.itext
Size: - Virtual size: 23KB

.data
Size: - Virtual size: 152KB

.bss
Size: - Virtual size: 824KB

.idata
Size: - Virtual size: 20KB

.didata
Size: - Virtual size: 26KB

.edata
Size: - Virtual size: 157B

.tls
Size: - Virtual size: 292B

.rdata
Size: - Virtual size: 93B

.reloc
Size: - Virtual size: 733KB

.vmp0
Size: - Virtual size: 5.3MB

.vmp1
Size: 9.8MB - Virtual size: 9.8MB

.rsrc
Size: 36KB - Virtual size: 36KB