7261cee038541ecf3b68e2f712d0e6de_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7261cee038541ecf3b68e2f712d0e6de_JaffaCakes118
Size

1.1MB
MD5

7261cee038541ecf3b68e2f712d0e6de
SHA1

4947d98908f0a1fd22c21d1bbad1d3f86fda70f0
SHA256

183617fd4cc4db7684fed602031fb7d5217d88a29605bf4a0b8811fa686e89ae
SHA512

8160923bed76a38feab62bc236553b859291e6bc6bc10f94ba9180565e699ec722fbdeec772e61e76a42bf798186b3bf83e6ca6d4b24833fe2997ec048241940
SSDEEP

24576:JExDsNIUanPVaQKPzym1FTu4ey77V6BhdEgSWv6Fx3krzFiNSiAGGruuf6:ixDOI8Q6+mh7BAsttCwS97y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7261cee038541ecf3b68e2f712d0e6de_JaffaCakes118

Files

7261cee038541ecf3b68e2f712d0e6de_JaffaCakes118
.exe windows:2 windows x86 arch:x86

f95a33c71ed954bca7de3561c4460a4b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

EnterCriticalSection
GetFileAttributesA
ConnectNamedPipe
InterlockedIncrement
ReleaseMutex
CallNamedPipeA
TransactNamedPipe
GetEnvironmentVariableA
lstrlenA
HeapFree
InterlockedPushEntrySList
CreateFileA
SetFilePointer
GetVersionExA
GetCurrentThreadId
OpenMutexA
CreateNamedPipeA
CloseHandle
HeapCreate
CreateMutexA
HeapAlloc
ReadFile
InterlockedDecrement
GetLocalTime
SetFirmwareEnvironmentVariableA
InterlockedPopEntrySList
ExitProcess
VirtualAlloc
WaitForMultipleObjects
CompareStringA
VirtualFree
InitializeCriticalSection
HeapDestroy
GetNamedPipeHandleStateA
GetLastError
PeekNamedPipe

shell32

SHUpdateRecycleBinIcon
SHCreateStdEnumFmtEtc
IsUserAnAdmin
DAD_DragMove
PathMakeUniqueName
ILRemoveLastID
ShellExec_RunDLLA
SHHandleUpdateImage
SHGetSpecialFolderPathA
ExtractIconA
SHCreateShellItem
Options_RunDLL
SHPropStgWriteMultiple
SHQueryRecycleBinA
ILFree
FreeIconList
SHValidateUNC
IsLFNDrive
SHParseDisplayName
SHAppBarMessage
RealShellExecuteA
IsLFNDriveA
SHAlloc
PifMgr_OpenProperties
SHSetLocalizedName
Shell_GetImageLists
SHChangeNotify
OpenAs_RunDLL
SHLimitInputEdit

user32

CheckMenuItem
ShowWindow
SetFocus
UpdateWindow
GetMessageA
LoadAcceleratorsA
DispatchMessageA
SetWindowTextA
InvalidateRect
GetMenu
WinHelpA
TranslateMessage
HideCaret
CreateWindowExA
SetProcessDefaultLayout
ScreenToClient
DestroyWindow
SendMessageA
DefWindowProcA
OpenClipboard
RegisterClassExA
SetWindowLongA
GetClipboardData
EnableMenuItem

Sections

.text
Size: 1004KB - Virtual size: 1004KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f95a33c71ed954bca7de3561c4460a4b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

user32

Sections

.text Size: 1004KB - Virtual size: 1004KB

.data Size: 161KB - Virtual size: 160KB

.rsrc Size: 10KB - Virtual size: 3.0MB

.text
Size: 1004KB - Virtual size: 1004KB

.data
Size: 161KB - Virtual size: 160KB

.rsrc
Size: 10KB - Virtual size: 3.0MB