b3dbcba38512538a8883bfb8840ad871_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b3dbcba38512538a8883bfb8840ad871_JaffaCakes118
Size

43KB
MD5

b3dbcba38512538a8883bfb8840ad871
SHA1

5b28f3ef8bddf6e3fb27ae865955e35980de047d
SHA256

9f1ce2b92387ba107c2be9e9254b8d85b6937613eef9974fe92d8e9ac158f9df
SHA512

558c37137a3cede67d6e625d77f31d14e4357994b58b91f29e219348fd86f5b0162e956f69bd8f54ee090321b31d9264076075fd567fa2e57616b7b5f42c588c
SSDEEP

768:805iNkrO+3sSmh2oGkEZLczrgb88dlYFKGYULRkYJfH9UzFNjdzP3ZG5:ZFz3sSmEYqWQ8Gl9GYU13ldoNjdzP3Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3dbcba38512538a8883bfb8840ad871_JaffaCakes118

Files

b3dbcba38512538a8883bfb8840ad871_JaffaCakes118
.exe windows:4 windows x86 arch:x86

596de966d90be57b11736e6fe3384746

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelIo
ContinueDebugEvent
CreateRemoteThread
DeleteFileA
EnumDateFormatsExA
ExitProcess
GetConsoleMode
GetDiskFreeSpaceExW
GetSystemDirectoryW
GetThreadPriority
GlobalAddAtomW
GlobalFree
OutputDebugStringW
SetConsoleMode
SetPriorityClass
SetStdHandle
SetTimeZoneInformation
UTUnRegister
UpdateResourceA
WritePrivateProfileStringW
WritePrivateProfileStructW

advapi32

BuildImpersonateTrusteeW
BuildSecurityDescriptorA
CancelOverlappedAccess
CreateProcessAsUserA
CreateServiceA
CryptGetDefaultProviderW
CryptSignHashA
EnumDependentServicesW
EnumServicesStatusA
GetAccessPermissionsForObjectA
GetExplicitEntriesFromAclW
GetOldestEventLogRecord
GetPrivateObjectSecurity
GetSecurityInfo
InitializeSecurityDescriptor
LookupPrivilegeDisplayNameW
ObjectPrivilegeAuditAlarmA
OpenBackupEventLogW
QueryServiceConfigW
QueryServiceLockStatusA
RegCreateKeyExA
RegCreateKeyExW
RegOpenKeyA
RegSetValueExA
ReportEventA
StartServiceCtrlDispatcherA
TrusteeAccessToObjectW

user32

ActivateKeyboardLayout
BringWindowToTop
CopyImage
CreateMDIWindowA
DdeConnect
DefDlgProcA
DrawCaptionTempA
EndDialog
FindWindowW
GetMenuState
GetWindowModuleFileNameW
InsertMenuItemA
IsWindowVisible
OpenWindowStationW
RegisterDeviceNotificationA
SetLastErrorEx
SetMenuDefaultItem
SetParent
SetSysColors
SetWindowTextA
SwapMouseButton
UnloadKeyboardLayout
UnlockWindowStation
VkKeyScanExA
WINNLSGetEnableStatus

gdi32

CloseFigure
CreateCompatibleDC
CreateFontIndirectW
CreateHalftonePalette
CreateMetaFileA
CreateSolidBrush
DescribePixelFormat
EnumFontFamiliesExW
EnumFontFamiliesW
ExtEscape
ExtTextOutA
GetKerningPairsW
GetMapMode
GetMiterLimit
GetViewportExtEx
MaskBlt
Rectangle
ResetDCA
ScaleWindowExtEx
SetFontEnumeration
SetGraphicsMode
StrokePath
TranslateCharsetInfo
UnrealizeObject
UpdateICMRegKeyA

Sections

.text
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

596de966d90be57b11736e6fe3384746

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 8KB

.data Size: 41KB - Virtual size: 48KB

.idata Size: - Virtual size: 8KB

.rsrc Size: - Virtual size: 4KB

.text
Size: 512B - Virtual size: 8KB

.data
Size: 41KB - Virtual size: 48KB

.idata
Size: - Virtual size: 8KB

.rsrc
Size: - Virtual size: 4KB