adec0c115a78c689dc4d1e6ad2eb9bdd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

adec0c115a78c689dc4d1e6ad2eb9bdd_JaffaCakes118
Size

56KB
MD5

adec0c115a78c689dc4d1e6ad2eb9bdd
SHA1

02aee2d8a1bbd111d8e30202a336f9268b03f4e9
SHA256

e78e5ca75661232560c6e231dac9544c63465dbd88a0c353c9f8519c0fae3a17
SHA512

edf46d72e938779b2c26e4bc63a207f5ebd5fdda211f589075911523f541fb430fd2b01a42d36392c88a469ba913ba91a5387bfe7ae926ff7ad1884ffc9f83b4
SSDEEP

1536:6N3+1WjtEuNv05xLjbwiKLIs/oxLsQMA:i+1Wj+uq5xkiKLIswxLlMA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adec0c115a78c689dc4d1e6ad2eb9bdd_JaffaCakes118

Files

adec0c115a78c689dc4d1e6ad2eb9bdd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f73028a641609006de7bbdf859a48332

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
SetFilePointer
WriteFile
ReadFile
CreateFileA
SizeofResource
LockResource
FreeResource
GetTempPathA
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
FreeLibrary
GetVersionExA
TerminateThread
ResetEvent
CreateThread
SetCurrentDirectoryA
CreateEventA
SetEvent
CreateMutexA
FindResourceA
LoadResource
GetCommandLineA
GetStartupInfoA
GetProcAddress
IsDBCSLeadByte
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FindClose
GetModuleFileNameA
GetWindowsDirectoryA
LocalFileTimeToFileTime
_lopen
_llseek
_lclose
FindFirstFileA
lstrcmpA
SetFileAttributesA
DeleteFileA
FindNextFileA
lstrcpyA
RemoveDirectoryA
GetSystemDirectoryA
GetShortPathNameA
lstrcatA
lstrcmpiA
lstrlenA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetFileAttributesA
LocalFree
CloseHandle
LoadLibraryA
GetCurrentProcess
GetLastError
LocalAlloc
ExitThread
HeapAlloc
GetProcessHeap
HeapFree
QueryPerformanceFrequency
GetTimeZoneInformation
SetThreadPriority
MoveFileWithProgressA
FindAtomA
IsValidLanguageGroup
DosDateTimeToFileTime
GetTempFileNameA
GetSystemInfo
GetDriveTypeA
lstrcpynA
GetVolumeInformationA
GetCurrentDirectoryA
LoadLibraryExA
GetModuleHandleA
CreateDirectoryA
ExpandEnvironmentStringsA
FormatMessageA
EnumResourceLanguagesA
MulDiv
GetDiskFreeSpaceA
WritePrivateProfileStringA
ExitProcess

user32

GetDesktopWindow
EnableWindow
SendDlgItemMessageA
SetWindowTextA
SetForegroundWindow
GetDlgItem
CallWindowProcA
GetWindowLongA
wsprintfA
SetWindowLongA
CharPrevA
CharUpperA
CharNextA
ExitWindowsEx
DispatchMessageA
LoadStringA
PeekMessageA
MessageBoxA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
ShowWindow
DialogBoxIndirectParamA
SetDlgItemTextA
MessageBeep
SendMessageA
GetDlgItemTextA
MsgWaitForMultipleObjects
GetSystemMetrics
EndDialog

advapi32

RegQueryInfoKeyA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
FreeSid
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
GetTokenInformation
EqualSid
AllocateAndInitializeSid
RegCloseKey

gdi32

GetDeviceCaps

Sections

.code_1
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f73028a641609006de7bbdf859a48332

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Sections

.code_1 Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 3KB

.code_1
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 3KB