7720357b6da9902efc1ba5604fdc4528_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7720357b6da9902efc1ba5604fdc4528_JaffaCakes118
Size

212KB
MD5

7720357b6da9902efc1ba5604fdc4528
SHA1

92ff38ae3752f07307050968a87adbd3191dac04
SHA256

8587b8951782d18700c0fe913774f52b6b1bb665c8b667567edbe112c9e7f919
SHA512

baab4a4b6be5a3553b536ff1ee2c47043dd5f3d274e08c8a72c04e571b572c33f2b5f92eac8a06ed45b39c102172083bd3a0fa33a1c33c0aafd8a8c300fd0f1d
SSDEEP

6144:06cmAOGZ7RKXm6176uc0cUAQyAAuOhQ3T0Yyl:BbAOkJ60XgyATaQ3To

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7720357b6da9902efc1ba5604fdc4528_JaffaCakes118

Files

7720357b6da9902efc1ba5604fdc4528_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd4ebc3572713ce4d8c051c4af549778

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryW
ExpandEnvironmentStringsW
GetVolumeInformationW
GetProfileStringA
CreateEventA
lstrcpyA
CompareStringA
EnumSystemCodePagesW
FormatMessageW
CompareStringW
FindFirstFileA
GetTempPathW
UnhandledExceptionFilter
IsValidLocale
FindNextChangeNotification
Beep
PrepareTape
SetEndOfFile
CancelIo
GlobalFree
GetEnvironmentVariableW
FindResourceExA
VirtualQueryEx
RemoveDirectoryA
GetCommandLineW
ConnectNamedPipe
LoadLibraryExA
PeekNamedPipe
LocalSize
CreateDirectoryW
_lopen
GetNumberFormatW
GetStartupInfoA
SetThreadLocale
LocalAlloc
SetThreadAffinityMask
_lclose
VirtualAlloc
OpenSemaphoreW
WritePrivateProfileStringA
TlsGetValue
lstrcmpiA
SetProcessAffinityMask
GetConsoleCursorInfo
SetFileAttributesA
GetModuleHandleA

user32

SetWindowContextHelpId
GetLastActivePopup
GetDlgItemTextA
ClientToScreen
RegisterClipboardFormatW
CopyAcceleratorTableA
FindWindowA
DrawTextExA
RegisterClassW
PostMessageA
SetTimer
OpenDesktopW

gdi32

CreateHatchBrush
GetSystemPaletteUse
CreateDIBitmap
GetTextCharacterExtra
ScaleViewportExtEx
SetColorAdjustment
AbortDoc
EnumFontFamiliesExW
EnumFontFamiliesExA
SetTextColor

advapi32

ReportEventW
RegUnLoadKeyW
NotifyChangeEventLog
CreatePrivateObjectSecurity
CryptImportKey
LookupAccountSidA
CryptHashData
GetExplicitEntriesFromAclW
DuplicateToken
GetSecurityDescriptorControl

comctl32

ImageList_GetIconSize

version

GetFileVersionInfoA

ws2_32

select
WSAEnumProtocolsA
WSAConnect
WSAInstallServiceClassA
WSACancelAsyncRequest
ntohl
WSALookupServiceNextA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_get_osfhandle
_mbsdec
isspace
free
_fsopen
strrchr
wcstod
_splitpath
gmtime
puts
__p___argv
signal
sprintf
_mbsicmp
_wcsicoll

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 200KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bd4ebc3572713ce4d8c051c4af549778

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

version

ws2_32

msvcrt

Sections

.text Size: 4KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 200KB - Virtual size: 196KB

.text
Size: 4KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 200KB - Virtual size: 196KB