76d212b0afafc97ffa6b560535f6f4c4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

76d212b0afafc97ffa6b560535f6f4c4_JaffaCakes118
Size

84KB
MD5

76d212b0afafc97ffa6b560535f6f4c4
SHA1

59f92fad7197fb23868f50a71edc8b078db661c4
SHA256

c2fb6a0f5913df1cf11d153107cfdab8276250bfd16d4b7ba1b750c7c1ae3230
SHA512

ead493f40f66565d7762e6fea0502171ef8a5cc7d2b784677a9e21cb81b2f859131447996b40b3779162fa4dff48c4c18391eec0582a64cce7e8e4aafc3a3a28
SSDEEP

1536:HG58MIhyoPNrbnS2bzCFqZUdlUtpgozSWMj:maXPNrZbzCkZxtpgozSR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76d212b0afafc97ffa6b560535f6f4c4_JaffaCakes118

Files

76d212b0afafc97ffa6b560535f6f4c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d71806aea623bf80aef8dc26bda29b8b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

comctl32

ord17

kernel32

OutputDebugStringA
FindClose
Sleep
FindFirstFileA
GetSystemDirectoryA
CreateFileA
ReadFile
RemoveDirectoryA
CloseHandle
SetEndOfFile
SetFilePointer
CreateDirectoryA
DeleteFileA
WriteFile
GetVolumeInformationA
GetVersionExA
DeviceIoControl
RaiseException
SetHandleCount
GetStdHandle
HeapFree
LoadLibraryA
GetProcAddress
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
SetConsoleCtrlHandler
FreeEnvironmentStringsA
RtlUnwind
GetFileType
HeapReAlloc
HeapAlloc
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
SetUnhandledExceptionFilter
GetLastError
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
ExitProcess

msi

ord65
ord112
ord89

user32

SetFocus
MessageBoxA
CreateDialogParamA
ShowWindow
UpdateWindow
wsprintfA
SetWindowTextA
EnableWindow
PostQuitMessage
GetDlgItem
SendMessageA
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
LoadStringA

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d71806aea623bf80aef8dc26bda29b8b

Headers

File Characteristics

Imports

advapi32

comctl32

kernel32

msi

user32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 4.0MB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 4.0MB

.rsrc
Size: 8KB - Virtual size: 4KB