962f2ac67c2bd2a94be066811d62fec8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

962f2ac67c2bd2a94be066811d62fec8_JaffaCakes118
Size

92KB
MD5

962f2ac67c2bd2a94be066811d62fec8
SHA1

6431ee948f589b798c0b616b28cc7c35ec1e09c3
SHA256

5d5bedbbaf5e1dbd1b7ca3dc217d6f021b26f8f4282e82d0733ee895cf1dc856
SHA512

ae5022e6c1d4a75fec9ccd53f244ceb84b612173024dc29bb8cd97bae31bf1ca66f7a6a06604aa7242d9a3252caf07090bab39c46701994cbe27ee1525472f2e
SSDEEP

1536:ClKOMxqyyl0ciGmoBJOyB6WDy/6WlHpEwMEpycng0dtuYm6LmWrA9Uh:QKOMxqydciGmgJ3py/6WlJhME4Sg0dtJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
962f2ac67c2bd2a94be066811d62fec8_JaffaCakes118

Files

962f2ac67c2bd2a94be066811d62fec8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c5254e0e56871982a5ee0ed381c656cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW

ole32

CoInitialize
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
StringFromGUID2

user32

TranslateMessage
MessageBoxW
GetTopWindow
PeekMessageW
LoadStringW
CharNextW
DispatchMessageW

crypt32

RegQueryInfoKeyU

setupapi

SetupPromptForDiskW

shlwapi

PathFindExtensionW

ntdll

memset

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW

dhcpcsvc

DhcpRequestOptions

msvcrt

_adjust_fdiv
free
__dllonexit
wcslen
_except_handler3
wcschr
wcsstr
realloc
wcsncmp
_wtoi
_initterm
_purecall
malloc
wcsncpy
_onexit
_wcsicmp

kernel32

UnhandledExceptionFilter
WriteFile
InterlockedDecrement
GetTempFileNameW
CloseHandle
GetSystemTimeAsFileTime
GetProcAddress
GetSystemInfo
GetTempPathW
FindResourceW
LoadResource
QueryPerformanceCounter
GetVersionExW
lstrlenW
DeleteFileW
GetFileAttributesW
LeaveCriticalSection
GetModuleFileNameW
FreeLibrary
CreateFileW
GetLocaleInfoA
GetModuleHandleA
GetCurrentThreadId
LoadLibraryExW
GetModuleHandleW
GetThreadLocale
GetVersion
SizeofResource
lstrcatW
GetCurrentProcessId
GetExitCodeProcess
OutputDebugStringA
GetTickCount
CreateDirectoryW
lstrcmpiW
VirtualAlloc
MultiByteToWideChar
RaiseException
InitializeCriticalSection
lstrcpyW
GetACP
GetSystemDefaultUILanguage
InterlockedExchange
Sleep
GetVersionExA
GetSystemDirectoryW
SetLastError
EnterCriticalSection
GetLastError
InterlockedIncrement
DeleteCriticalSection
CreateProcessW
GetCurrentProcess
GetWindowsDirectoryW
lstrcpynW
TerminateProcess
SetUnhandledExceptionFilter

cmdial32

AutoDialFunc

atmlib

ATMAddFont

Sections

.textbss
Size: - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5254e0e56871982a5ee0ed381c656cd

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

user32

crypt32

setupapi

shlwapi

ntdll

advapi32

dhcpcsvc

msvcrt

kernel32

cmdial32

atmlib

Sections

.textbss Size: - Virtual size: 432KB

.text Size: 512B - Virtual size: 464B

.idata Size: 89KB - Virtual size: 88KB

.rdata Size: 512B - Virtual size: 32B

.data Size: 1024B - Virtual size: 892B

.reloc Size: 512B - Virtual size: 28B

.textbss
Size: - Virtual size: 432KB

.text
Size: 512B - Virtual size: 464B

.idata
Size: 89KB - Virtual size: 88KB

.rdata
Size: 512B - Virtual size: 32B

.data
Size: 1024B - Virtual size: 892B

.reloc
Size: 512B - Virtual size: 28B