Static task
static1
Behavioral task
behavioral1
Sample
bc768a883f2079c1a8048ed579ded2de_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
bc768a883f2079c1a8048ed579ded2de_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: bc768a883f2079c1a8048ed579ded2de_JaffaCakes118
Size: 553KB
MD5: bc768a883f2079c1a8048ed579ded2de
SHA1: 7cedafcca41abb77543e5a05a439f10c6fc2f8be
SHA256: f85666428a3ca1fe75f8f03ea863d6825b9201a6f13b414d4798d1ee200bfefd
SHA512: 6fcfe7f60557343519837bb85cddb58e6fcfa5f080e1124c33e6724b5d2a4c7be4aa31e022d3076be186a0079b93aec412c36cc5dcc451563f3886852010156c
SSDEEP: 6144:vLuwHBfi2/KByTNhYNGSjl3Bpp+d8IbIlW4wkj2OHH6ny7V:q6Fj8y5h+jlLpwkM4whwV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bc768a883f2079c1a8048ed579ded2de_JaffaCakes118
Files
bc768a883f2079c1a8048ed579ded2de_JaffaCakes118.exe windows:4 windows x86 arch:x86
7bafcf0fb73a01b5b9792be3cbe3855a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
oleaut32
VariantCopy
SafeArrayUnaccessData
SysFreeString
SafeArrayCreate
SetErrorInfo
QueryPathOfRegTypeLi
user32
ChangeMenuA
SetWindowsHookExW
SetWindowsHookW
DrawFrameControl
ChangeDisplaySettingsW
SetDlgItemInt
GetScrollRange
DestroyCursor
GetShellWindow
CreateAcceleratorTableW
HideCaret
GetWindowTextLengthW
TranslateAcceleratorA
SetCapture
EnumDisplaySettingsW
DefDlgProcA
TranslateMessage
DialogBoxIndirectParamA
SetScrollRange
CharPrevW
GetKeyboardLayoutNameA
shell32
DragQueryPoint
SHGetSpecialFolderPathA
comctl32
ImageList_GetImageCount
ImageList_ReplaceIcon
advapi32
RegSetValueExA
GetServiceKeyNameW
SetFileSecurityW
ImpersonateNamedPipeClient
CreateProcessAsUserA
LookupAccountNameW
SetSecurityDescriptorOwner
RegQueryValueA
kernel32
GetThreadPriority
EnumTimeFormatsW
OpenMutexA
GetTapeParameters
lstrcmpiW
WaitNamedPipeA
GetEnvironmentStringsW
SetVolumeLabelA
GlobalFindAtomA
GetVersion
ExitProcess
ReadDirectoryChangesW
SetConsoleActiveScreenBuffer
GetSystemTimeAsFileTime
VirtualProtect
IsBadStringPtrA
SetMailslotInfo
msvcrt
vswprintf
_locking
_waccess
abort
_tempnam
_wcsdup
floor
perror
_wtol
_endthread
strcoll
_mbsnicmp
strncpy
_mbsnbicmp
ceil
_wtoi
rewind
islower
_setmbcp
_wsopen
_endthreadex
isalnum
fputs
gmtime
fwprintf
Sections
.text Size: 303KB - Virtual size: 302KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 229KB - Virtual size: 228KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ