95a0103c711053f443218b2015beaa2d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

95a0103c711053f443218b2015beaa2d_JaffaCakes118
Size

68KB
MD5

95a0103c711053f443218b2015beaa2d
SHA1

7068ba429495f4ebcb30ba5de8890a966f7de197
SHA256

703b6ec72f89b4e8f8dd66cbae324a6763b637a9fd3689a2302629f6ca63e97e
SHA512

c243e3848a9294c9501b17d57c6a45e326cc638a7da7bf6f41c059bd45e6022648df01b3bf69989d795596d1937f90778f2056c64bcb695d8df0a682ca4ef51a
SSDEEP

1536:ClKOMxqyyl0ciGmoBJOyB6WDy/6WlHpEwMEpycng0dx:QKOMxqydciGmgJ3py/6WlJhME4Sg0dx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95a0103c711053f443218b2015beaa2d_JaffaCakes118

Files

95a0103c711053f443218b2015beaa2d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c5254e0e56871982a5ee0ed381c656cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW

ole32

CoInitialize
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
StringFromGUID2

user32

TranslateMessage
MessageBoxW
GetTopWindow
PeekMessageW
LoadStringW
CharNextW
DispatchMessageW

crypt32

RegQueryInfoKeyU

setupapi

SetupPromptForDiskW

shlwapi

PathFindExtensionW

ntdll

memset

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW

dhcpcsvc

DhcpRequestOptions

msvcrt

_adjust_fdiv
free
__dllonexit
wcslen
_except_handler3
wcschr
wcsstr
realloc
wcsncmp
_wtoi
_initterm
_purecall
malloc
wcsncpy
_onexit
_wcsicmp

kernel32

UnhandledExceptionFilter
WriteFile
InterlockedDecrement
GetTempFileNameW
CloseHandle
GetSystemTimeAsFileTime
GetProcAddress
GetSystemInfo
GetTempPathW
FindResourceW
LoadResource
QueryPerformanceCounter
GetVersionExW
lstrlenW
DeleteFileW
GetFileAttributesW
LeaveCriticalSection
GetModuleFileNameW
FreeLibrary
CreateFileW
GetLocaleInfoA
GetModuleHandleA
GetCurrentThreadId
LoadLibraryExW
GetModuleHandleW
GetThreadLocale
GetVersion
SizeofResource
lstrcatW
GetCurrentProcessId
GetExitCodeProcess
OutputDebugStringA
GetTickCount
CreateDirectoryW
lstrcmpiW
VirtualAlloc
MultiByteToWideChar
RaiseException
InitializeCriticalSection
lstrcpyW
GetACP
GetSystemDefaultUILanguage
InterlockedExchange
Sleep
GetVersionExA
GetSystemDirectoryW
SetLastError
EnterCriticalSection
GetLastError
InterlockedIncrement
DeleteCriticalSection
CreateProcessW
GetCurrentProcess
GetWindowsDirectoryW
lstrcpynW
TerminateProcess
SetUnhandledExceptionFilter

cmdial32

AutoDialFunc

atmlib

ATMAddFont

Sections

.textbss
Size: - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5254e0e56871982a5ee0ed381c656cd

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

user32

crypt32

setupapi

shlwapi

ntdll

advapi32

dhcpcsvc

msvcrt

kernel32

cmdial32

atmlib

Sections

.textbss Size: - Virtual size: 432KB

.text Size: 512B - Virtual size: 464B

.idata Size: 89KB - Virtual size: 88KB

.rdata Size: 512B - Virtual size: 32B

.data Size: 1024B - Virtual size: 892B

.reloc Size: 512B - Virtual size: 28B

.textbss
Size: - Virtual size: 432KB

.text
Size: 512B - Virtual size: 464B

.idata
Size: 89KB - Virtual size: 88KB

.rdata
Size: 512B - Virtual size: 32B

.data
Size: 1024B - Virtual size: 892B

.reloc
Size: 512B - Virtual size: 28B