96541099825a242cb9fb6b2fa9d404da_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

96541099825a242cb9fb6b2fa9d404da_JaffaCakes118
Size

857KB
MD5

96541099825a242cb9fb6b2fa9d404da
SHA1

19a0a63c1afa7c1df8ae1250f78bfa60bcbcad6c
SHA256

7a695fdd4519a433da7b2690e28942e731af779ee475a8d7499a47600903ef47
SHA512

422f03d3a93e2217b36fba5c0acf7bb23dda7ba27bff69585fbc5d943e1c4adacaf130b18d3e61b13160caf7bb74b24ded546e7d7a3f7dbe4dd0ddde75a79bf4
SSDEEP

12288:UhJdpygTLGUPAEY9O8gvJ35ZMM6u+5gE/VsjSOrfXUwjtz7CQo0E4heNobcF:MJ/ygTyQ6ONt4MgLVbOrswjtBZE4hcF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96541099825a242cb9fb6b2fa9d404da_JaffaCakes118

Files

96541099825a242cb9fb6b2fa9d404da_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e9fa9faf7e1d1a5a297a7500b093519c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExW
CryptReleaseContext
RegOpenKeyExW
DeregisterEventSource
CryptAcquireContextW
RegQueryValueExW
InitializeAcl
OpenSCManagerW
OpenThreadToken
RegCreateKeyExW
FreeSid
RegEnumKeyExA
QueryServiceStatus

kernel32

TerminateProcess
LeaveCriticalSection
GetTempFileNameA
GetStartupInfoA
FreeLibrary
TerminateThread
CreateFileMappingA
GetStartupInfoW
FindNextFileA
GetSystemDirectoryA
MoveFileExW
SearchPathW
OutputDebugStringA
DeleteFileW
LoadLibraryA
lstrcpynW
EnterCriticalSection
GetEnvironmentVariableA
lstrcpyW
GetEnvironmentStringsW
GetConsoleOutputCP
TlsFree
GetTempPathA
OutputDebugStringW
VirtualFree
GetDateFormatW
GetLastError
FindClose
CreateFileW
HeapReAlloc
UnhandledExceptionFilter
FlushFileBuffers
GetCurrentDirectoryW
DeleteCriticalSection
GetSystemTime
GlobalLock
GetSystemTimeAsFileTime
InterlockedDecrement
DeviceIoControl
QueryPerformanceCounter
TlsAlloc
VirtualAlloc
LocalFileTimeToFileTime
WriteFile
GetModuleFileNameA
SetFileAttributesW
GetLocalTime
LoadResource
GetFullPathNameW
SetEndOfFile
lstrcmpiW
UnmapViewOfFile
SetConsoleCtrlHandler
GetEnvironmentStrings
GetFileTime
GetLocaleInfoA
FindNextFileW
GetCurrentDirectoryA
GetModuleFileNameW
lstrcpyA

gdi32

SelectClipRgn
StretchDIBits
SetWindowOrgEx
SetBrushOrgEx
SetViewportExtEx
SelectObject
CombineRgn
CreateRectRgnIndirect
SetWindowExtEx
RestoreDC
CreateDIBitmap
MoveToEx
CreatePatternBrush

msvcrt

exit
__p__commode
__set_app_type
__getmainargs

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 223KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 479KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9fa9faf7e1d1a5a297a7500b093519c

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

msvcrt

Sections

.text Size: 151KB - Virtual size: 150KB

.rdata Size: 223KB - Virtual size: 222KB

.data Size: 479KB - Virtual size: 1.9MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 151KB - Virtual size: 150KB

.rdata
Size: 223KB - Virtual size: 222KB

.data
Size: 479KB - Virtual size: 1.9MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB