c16b4da6ed811140959534015a3492d3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c16b4da6ed811140959534015a3492d3_JaffaCakes118
Size

60KB
MD5

c16b4da6ed811140959534015a3492d3
SHA1

09eeae42a5f3d6474a5ecbb61c5698bb0aea0c03
SHA256

8443a418435aa4f988e5ffef1b8e17e376919f6d6050f52e3ae7c338066d2ad9
SHA512

25d07d4bbe90725375d50f7acf4fc532a55cfb65cb25dbb4549273f03af79d3cb022a0d708fcac6f57a91704541f177116947eb26e7830c2a0959b27ed49a03e
SSDEEP

1536:NeFVWADqrHXmzBo503hb2WFknJJYu9sIzTr:NeFQ8qr3m1oah2IE+u9fz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c16b4da6ed811140959534015a3492d3_JaffaCakes118

Files

c16b4da6ed811140959534015a3492d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56bdd97ee6c9a8387c7ce5438355c421

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemCodePagesW
ExitProcess
FindFirstChangeNotificationW
GetACP
GetCommModemStatus
GetCompressedFileSizeW
GetConsoleOutputCP
GetFullPathNameA
GetFullPathNameW
GetModuleFileNameA
GetNumberFormatA
GetProcessHeap
GetProcessShutdownParameters
GetSystemPowerStatus
GlobalGetAtomNameW
GlobalMemoryStatus
LeaveCriticalSection
LoadModule
LocalShrink
ReleaseMutex
SetDefaultCommConfigW
SetThreadPriorityBoost
VirtualQuery
WaitForMultipleObjects
WriteConsoleW
WriteFile
WritePrivateProfileStructW
_hread

advapi32

AccessCheckAndAuditAlarmA
AllocateAndInitializeSid
CryptDestroyHash
CryptEnumProvidersW
CryptGetDefaultProviderW
CryptGetProvParam
CryptHashData
CryptSetProviderA
DeleteService
EnumDependentServicesW
GetEffectiveRightsFromAclW
GetMultipleTrusteeW
GetPrivateObjectSecurity
GetSecurityDescriptorControl
GetServiceDisplayNameW
GetSidIdentifierAuthority
InitializeAcl
InitializeSecurityDescriptor
IsTextUnicode
LockServiceDatabase
ObjectPrivilegeAuditAlarmW
QueryServiceObjectSecurity
RegEnumKeyExA
RegRestoreKeyW
SetAclInformation
SetEntriesInAccessListA
SetEntriesInAuditListA
SetEntriesInAuditListW

gdi32

CopyMetaFileW
CreateEnhMetaFileW
CreateFontIndirectA
GetDIBits
GetEnhMetaFileDescriptionW
GetKerningPairsW
GetMetaFileBitsEx
GetRasterizerCaps
GetRgnBox
GetTextAlign
GetTextExtentPoint32W
LPtoDP
OffsetClipRgn
PolyTextOutA
Polygon
SetColorAdjustment
SetDIBitsToDevice
SetICMMode
SetPolyFillMode
UpdateICMRegKeyW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56bdd97ee6c9a8387c7ce5438355c421

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 52KB - Virtual size: 56KB

.idata Size: - Virtual size: 12KB

.rsrc Size: - Virtual size: 12KB

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 52KB - Virtual size: 56KB

.idata
Size: - Virtual size: 12KB

.rsrc
Size: - Virtual size: 12KB