a06c9c1fa5f849346fb52e6b9c39c7f4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a06c9c1fa5f849346fb52e6b9c39c7f4_JaffaCakes118
Size

926KB
MD5

a06c9c1fa5f849346fb52e6b9c39c7f4
SHA1

e86b02a870076e8b64ff9c74f679366f92e670e4
SHA256

58895fdce6b4faf6b7a5eed606865ec54f9a9004ea5d1149cf58ac0928e114a5
SHA512

3cae147259beb6ac2ed469c624c1f1b36a61b2875f968ce211f523e04882dd4c9a4961fbc0a00997cf6ee1155fb7f2f5ce5975d191d5c52665bdf980d387686f
SSDEEP

24576:k3yOV9nTu15ZC5F0MP7htU+MHA1RCQNS3jpLMUvh:GLmEVhtwg1RCQNS3jp9h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a06c9c1fa5f849346fb52e6b9c39c7f4_JaffaCakes118

Files

a06c9c1fa5f849346fb52e6b9c39c7f4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ab600be5bf52474b6b0679ea10d9676

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoReleaseMarshalData
CoLockObjectExternal

advapi32

LockServiceDatabase
SetFileSecurityA
RegQueryValueExW
SetKernelObjectSecurity
ImpersonateLoggedOnUser
RegSaveKeyW
RegOpenKeyW
SetSecurityDescriptorSacl
GetSecurityDescriptorControl
CryptSetHashParam
ObjectDeleteAuditAlarmW

kernel32

VirtualUnlock
RaiseException
IsValidLocale
ExitProcess
VirtualAllocEx
CloseHandle
OpenMutexA
GlobalFindAtomW
GetFileAttributesA
ReadDirectoryChangesW
SetConsoleActiveScreenBuffer
GetUserDefaultLangID
OutputDebugStringA
GetFileType
ReadFile
FindFirstFileA
CreateDirectoryExA
LocalLock
SetConsoleOutputCP
GetDateFormatA
GetConsoleCursorInfo
VirtualLock
EnumDateFormatsW
lstrcmpiA
SetEnvironmentVariableW
GetBinaryTypeA
GetSystemDirectoryW
_lread
GetCompressedFileSizeW
GetShortPathNameW
QueryDosDeviceW
ReadFileScatter
GetAtomNameA
lstrcmpiW
WriteConsoleOutputW
FlushConsoleInputBuffer
FreeResource

version

VerInstallFileA

user32

CreateDialogParamW
GetKeyState
BeginPaint
ChangeMenuA
GetWindowRgn
wsprintfW
ChildWindowFromPoint
DefWindowProcW
CharNextA
IsRectEmpty
GetIconInfo
SendNotifyMessageW
SetMenuDefaultItem
LoadIconA
GetScrollBarInfo
CharUpperBuffW
SystemParametersInfoA
AppendMenuA
IsCharUpperW
GetDlgItemTextW
CreateIconFromResource
EnumDisplayDevicesA

msvcrt

_vsnwprintf
_sopen
strerror
wcsspn
puts
strstr
asctime
_umask
_controlfp
clearerr
rewind
_execlp
_lseeki64
_isatty
wscanf
_wtol
_wcsicmp
isspace
_unlink

Sections

.text
Size: 2KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 617KB - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ab600be5bf52474b6b0679ea10d9676

Headers

File Characteristics

Imports

ole32

advapi32

kernel32

version

user32

msvcrt

Sections

.text Size: 2KB - Virtual size: 218KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 617KB - Virtual size: 616KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 218KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 617KB - Virtual size: 616KB

.rsrc
Size: 17KB - Virtual size: 16KB