788edf8cd18198fdd260cb42fcb52108_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

788edf8cd18198fdd260cb42fcb52108_JaffaCakes118
Size

861KB
MD5

788edf8cd18198fdd260cb42fcb52108
SHA1

0dde54ec1f0a2d5216cda45077f31a84afa3726a
SHA256

ca7a57325a7379ae69de5d2691e4efd79bf84d8aa0a470dd8e1e4a6c8f3a7d18
SHA512

3ff803db77c03d9c2f59c65a5d79a5cd71c9d76d67b9fc2b3afde8be6d1db593dd9880dd8e3bef809e91d95b19a80b83bbdb226f44654588102bb90f78182a59
SSDEEP

24576:A7sb3WqzDTPI5VnRwXOdASPFDGJ+qzH9eK5iIk:AHqz3qVnR4HUIJvzH9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
788edf8cd18198fdd260cb42fcb52108_JaffaCakes118

Files

788edf8cd18198fdd260cb42fcb52108_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a6689fded857e44954ed846760318b12

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
SetEvent
GlobalReAlloc
VirtualQuery
GetProcAddress
GetLastError
TlsGetValue
DeleteFileW
LeaveCriticalSection
GetEnvironmentStrings
WideCharToMultiByte
LocalReAlloc
GlobalDeleteAtom
GetShortPathNameA
GlobalMemoryStatus
DeleteCriticalSection
GetDriveTypeA
VirtualAlloc
FindFirstFileA
SetFileAttributesW
FlushFileBuffers
FindClose
GlobalFree
CopyFileW
EnterCriticalSection
GetSystemInfo
CompareStringA
lstrcmpiW
SystemTimeToFileTime
OutputDebugStringW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
GetWindowsDirectoryA
CompareStringW
RtlUnwind
CreateProcessA
IsBadReadPtr
GetEnvironmentStringsA
GetFileTime
SetUnhandledExceptionFilter
SetEndOfFile
IsValidCodePage
GetTempFileNameW
GetUserDefaultLCID
MoveFileW
GetCurrentThread
GetDiskFreeSpaceA
GetDateFormatA
GlobalHandle
LoadLibraryA
ResetEvent
CreateMutexA
lstrlenW
lstrcmpiA
MoveFileExW
InterlockedDecrement

user32

GetMenuItemCount
GetWindowPlacement
SetWindowsHookExW
GetWindowLongW
LoadMenuW
GetDlgItemTextW
TrackPopupMenu
SystemParametersInfoW
GetDlgCtrlID
SetWindowRgn
SendMessageW
TranslateMessage
SetActiveWindow
IsDialogMessageA
SetWindowLongA
GetClassNameW
SetPropW
GetClassNameA
DefWindowProcA

advapi32

GetTokenInformation
GetLengthSid
IsValidSid
RegOpenKeyExW
OpenServiceW
RegEnumKeyExA

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 346KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 347KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6689fded857e44954ed846760318b12

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 346KB - Virtual size: 345KB

.data Size: 347KB - Virtual size: 1.8MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 346KB - Virtual size: 345KB

.data
Size: 347KB - Virtual size: 1.8MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB