8dfd7fbf4479526c101f999b4fabcc18_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8dfd7fbf4479526c101f999b4fabcc18_JaffaCakes118
Size

154KB
MD5

8dfd7fbf4479526c101f999b4fabcc18
SHA1

faf7796536a7313277361adb8e38327325d20e9c
SHA256

bd7a58791550a49c498f504748edc02fd04f33d166253ab6e1e8fba903e017c1
SHA512

934ea4b6a820c148944139d713b8e6223faa7d3352649f34e0a1a3f6bc1b84f2c09a641f0137dfbd68c091e69c7ef5bd7970c7d08cfe89e22eb9dd9618b80dec
SSDEEP

3072:t1O3QaZHmB+jvth5+p18gol1OI9khZ7tT/H0i6sEhNXgS:t2mIy18g1zYPsaS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8dfd7fbf4479526c101f999b4fabcc18_JaffaCakes118

Files

8dfd7fbf4479526c101f999b4fabcc18_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4daf895297c25647c1d9189ba733f14a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetScrollPos
SetCursor
LoadIconW
wsprintfA
SetPropW
DefWindowProcW
DialogBoxParamW
ScreenToClient
PostQuitMessage
MessageBoxW
DrawFocusRect
DestroyIcon
SetScrollInfo
GetWindowThreadProcessId
GetSystemMenu
DrawIcon
DrawIconEx
EndPaint
BeginPaint
GetDlgItem
GetMenuState
WindowFromPoint
DefWindowProcA
PtInRect
GetWindowLongW
OffsetRect
GetScrollPos
GetCapture
GetClassNameA
GetSysColor
CallNextHookEx
RegisterClipboardFormatW
ReleaseCapture
CreatePopupMenu
SetRect

kernel32

FindNextFileA
CreateDirectoryW
LoadLibraryA
OpenProcess
GetVersion
GetVersionExA
SetFileTime
GetOEMCP
lstrcpynA
MultiByteToWideChar
FindFirstFileW
IsBadReadPtr
LeaveCriticalSection
GetStartupInfoA
SetErrorMode
VirtualAlloc
IsDBCSLeadByte
LocalFileTimeToFileTime
LoadResource
lstrcpyA
GetThreadLocale
SearchPathW
GlobalDeleteAtom
GetTimeFormatA
DeleteCriticalSection
FileTimeToLocalFileTime
GetFileTime
LocalReAlloc
LockFile
GetSystemInfo
CreateMutexA
SetConsoleCtrlHandler
GetCurrentProcess
SetFileAttributesA
EnterCriticalSection
GetEnvironmentStringsW
GetCurrentThread
WriteFile
InterlockedIncrement
OutputDebugStringA
GetSystemDirectoryA
GetSystemTimeAsFileTime

advapi32

AddAccessAllowedAce
InitializeSecurityDescriptor
RegEnumValueW
RegOpenKeyW
AdjustTokenPrivileges
RegSetValueExA
ReportEventW
RegQueryValueExW
IsValidSid
RegEnumKeyExW

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4daf895297c25647c1d9189ba733f14a

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

advapi32

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 96KB - Virtual size: 96KB

.data Size: 2KB - Virtual size: 144KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 96KB - Virtual size: 96KB

.data
Size: 2KB - Virtual size: 144KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB