738ed4d4569b17956b00b2010e6f0631_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

738ed4d4569b17956b00b2010e6f0631_JaffaCakes118
Size

6KB
MD5

738ed4d4569b17956b00b2010e6f0631
SHA1

93a737ca1172598015533c5b15002d799b7b3910
SHA256

516e2cc2a0d14f34473341bf24434c48f2798177202af7a31c9e549de4a60322
SHA512

c20c712bde8e7a5df28ff1fe223c0d829ac2ede52322ab4e6fecd9d0d79a23202e3e40a1d4540c15da99f1d4ed348057b9393e4d1d2b84bed82a6c57d1e6d28c
SSDEEP

96:a8nFXxH/ukP3XuedtJfyhghPaPah4w5mvPcib0h4pEIFYq2uyNg4J0:auH2kP3XVjRy8PaPapYMHsdCBO4J0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
738ed4d4569b17956b00b2010e6f0631_JaffaCakes118

Files

738ed4d4569b17956b00b2010e6f0631_JaffaCakes118
.exe windows:4 windows x86 arch:x86

39608ce8602c7d213d697e827f2a3d93

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

Chord
GetBkMode
CombineRgn
CreateFontIndirectA
GetMetaRgn
GetNearestColor
SetTextCharacterExtra
GetSystemPaletteUse
DrawEscape
CreateMetaFileW
DeleteMetaFile
GetGraphicsMode
SetArcDirection
SetViewportExtEx
GetStretchBltMode
GetEnhMetaFileBits

user32

GetDialogBaseUnits
CharUpperA
FillRect
CopyIcon
CreateMDIWindowW
GetCursor
DlgDirListA
CreateWindowExA
DispatchMessageW
GetFocus

advapi32

I_ScSetServiceBitsA
ConvertAccessToSecurityDescriptorA
RegCreateKeyExA
SetEntriesInAccessListA
LsaGetQuotasForAccount
AdjustTokenPrivileges
GetMultipleTrusteeOperationA
RegCreateKeyA
QueryServiceObjectSecurity
GetServiceDisplayNameW
RegDeleteKeyA
RegNotifyChangeKeyValue
LsaCreateAccount

msvcrt

_access
atoi
__p__mbctype
_mbbtype
iswalnum
fputwc
iswspace
scanf
fopen
__RTDynamicCast
_beep
_mbctoupper
toupper
ftell
_getcwd
_c_exit
__p___mb_cur_max
_wstrtime
__iscsym
_CItan
_XcptFilter
strftime
_wcsnset
_wspawnl
_fstat
_dup
_chdir
_wmktemp

ole32

CoGetInterfaceAndReleaseStream
StgOpenStorage
CoRegisterMallocSpy
MonikerCommonPrefixWith

kernel32

FatalAppExitA
GetDefaultCommConfigA
VirtualFree
GetModuleHandleA
FindAtomW
WaitForDebugEvent
SetCommMask
_lopen
GlobalLock
GetSystemInfo
IsBadStringPtrW
GetEnvironmentVariableW
lstrlenA
LocalFlags
SetConsoleInputExeNameW
lstrcmpiA
GetCurrencyFormatW
Sleep
WriteConsoleInputA
HeapWalk
GetProcessPriorityBoost
ReadConsoleInputExA
MapViewOfFile
ReleaseSemaphore
ExitProcess
UnmapViewOfFile
GetSystemTimeAsFileTime
ConnectNamedPipe
MulDiv
GetStartupInfoA
SetConsoleNumberOfCommandsA
VirtualAlloc
lstrcatW
RegisterWowExec
Thread32First
GlobalMemoryStatus
ReadProcessMemory
VirtualProtect
BackupSeek
FindCloseChangeNotification
SetMailslotInfo
SetConsoleTitleW
CreateMailslotA
GetCurrencyFormatA
TlsAlloc

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bjb
Size: 276KB - Virtual size: 636KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.can
Size: 137KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39608ce8602c7d213d697e827f2a3d93

Headers

File Characteristics

Imports

gdi32

user32

advapi32

msvcrt

ole32

kernel32

Sections

.text Size: 7KB - Virtual size: 8KB

.bjb Size: 276KB - Virtual size: 636KB

.can Size: 137KB - Virtual size: 318KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 8KB

.bjb
Size: 276KB - Virtual size: 636KB

.can
Size: 137KB - Virtual size: 318KB

.reloc
Size: 1024B - Virtual size: 1KB