72fd63198e8614ccf47fc10e1a7fab3a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

72fd63198e8614ccf47fc10e1a7fab3a_JaffaCakes118
Size

438KB
MD5

72fd63198e8614ccf47fc10e1a7fab3a
SHA1

30416c29e2d6a6a61b5366ce4ab096c31ba30e14
SHA256

19987b3b96937a878965d2255b0e36a95a3782cd559d450599c89e731110b1e4
SHA512

d50924b44ce180dc47cb3d24a958cf9478e5bbb0b8496311d71528fd4ca1ebda96a180b1fb79501d62d45fa69a7a21eb4a54f35122e171d7e8da9b7b47cdbf1b
SSDEEP

12288:nTU9fuz597c9OwPus2rX+DZo06B7DukyzSmcIa:nTM2z37c9Ow2siGZ9+DM+m6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72fd63198e8614ccf47fc10e1a7fab3a_JaffaCakes118

Files

72fd63198e8614ccf47fc10e1a7fab3a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56ce63d2206a5748709067b7ad408110

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetSecurityDescriptorDacl
FreeSid

ole32

CoImpersonateClient
HACCEL_UserMarshal
CreateBindCtx
HGLOBAL_UserSize
OleGetIconOfClass

kernel32

ReleaseMutex
Sleep
GetCommandLineW
LoadLibraryW
GetCommConfig
FindResourceW
Process32First
ExitProcess
CompareStringA
ReadDirectoryChangesW
GetSystemTimeAdjustment
GetTickCount
GetModuleHandleA
VirtualAlloc
UnlockFile
GetCurrentProcess
GetThreadLocale
GetFileAttributesExW
GetStartupInfoW
VirtualFree
SetErrorMode
BackupRead

user32

PostMessageA
GetDC
GetListBoxInfo
InvalidateRgn
SetMenuDefaultItem
LoadIconA
EndPaint
IsChild
FlashWindow
DestroyCursor
IsWindow
ShowCursor
IsWindowEnabled
DrawMenuBar
EnumPropsExW
IsMenu

gdi32

GetPixel
IntersectClipRect
GetOutlineTextMetricsA
CancelDC
SetLayout
GetROP2
SetLayout
StartDocW
CreateMetaFileA
GdiGetBatchLimit
GetRegionData

msvcrt

_execl
_mbsnbcnt
wcstoul
fputwc
_wstrdate
__p__pctype
vwprintf
_mbctokata
__p__winmajor
__p__mbctype
_mbsupr
is_wctype
tanh
_spawnvpe

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0001
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0002
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0003
Size: 36KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0004
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0005
Size: 36KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0006
Size: 35KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0007
Size: 39KB - Virtual size: 12.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0008
Size: 119KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

56ce63d2206a5748709067b7ad408110

Headers

File Characteristics

Imports

advapi32

ole32

kernel32

user32

gdi32

msvcrt

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 38KB - Virtual size: 47KB

.0001 Size: 39KB - Virtual size: 40KB

.0002 Size: 39KB - Virtual size: 40KB

.0003 Size: 36KB - Virtual size: 44KB

.0004 Size: 38KB - Virtual size: 37KB

.0005 Size: 36KB - Virtual size: 44KB

.0006 Size: 35KB - Virtual size: 42KB

.0007 Size: 39KB - Virtual size: 12.9MB

.0008 Size: 119KB - Virtual size: 121KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 38KB - Virtual size: 47KB

.0001
Size: 39KB - Virtual size: 40KB

.0002
Size: 39KB - Virtual size: 40KB

.0003
Size: 36KB - Virtual size: 44KB

.0004
Size: 38KB - Virtual size: 37KB

.0005
Size: 36KB - Virtual size: 44KB

.0006
Size: 35KB - Virtual size: 42KB

.0007
Size: 39KB - Virtual size: 12.9MB

.0008
Size: 119KB - Virtual size: 121KB