c1fa9166bfe5c649164a658ce6ecf059_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c1fa9166bfe5c649164a658ce6ecf059_JaffaCakes118
Size

205KB
MD5

c1fa9166bfe5c649164a658ce6ecf059
SHA1

0feeddd80b2704655d271fa6abb8aef33904c5ff
SHA256

dc325abc5552f4adc5adb130f444304b65f2c93dfd17d41d423b6cd145b2dada
SHA512

caa05b420d8f90fe73a0304819f26002f0fb668911c6b1307d25ac1b8f7c8c932c7c98be1dd12742bb280282c2d9025e2588b741833fabc165260113c18d897d
SSDEEP

6144:PW8Ixnn5g5x6Yt+QRY2zlF1gwczQb2zuZCv5kT:PRI5Ox6YtRR/f15b2CZCRS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1fa9166bfe5c649164a658ce6ecf059_JaffaCakes118

Files

c1fa9166bfe5c649164a658ce6ecf059_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da18db299b0997cbb336747657f76d95

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNumberFormatW
GetFileAttributesA
QueryPerformanceFrequency
GetEnvironmentVariableW
GetExitCodeThread
SetPriorityClass
FatalAppExitA
lstrcmpW
IsValidCodePage
GetProcAddress
lstrlenA
CreateMutexA
LoadLibraryA
lstrlenW
GetACP
AddAtomA
MulDiv

user32

CreateMenu
EnumDesktopsW
SetWindowTextA
MessageBoxIndirectA
DeleteMenu
MessageBeep
DestroyIcon
GetTopWindow
CreateAcceleratorTableA
GetDC
SendDlgItemMessageA

gdi32

GetMetaFileW
GetGlyphOutlineA
SelectBrushLocal
CreateICA
PatBlt
GetStretchBltMode
EnumICMProfilesW
StrokePath
SetSystemPaletteUse
Arc
EnumFontFamiliesExA

advapi32

RegQueryValueW
RegReplaceKeyW
RegOpenKeyExA

shell32

SHGetFileInfoA
SHGetDataFromIDListA

shlwapi

SHRegOpenUSKeyA
PathFindFileNameA
PathIsSystemFolderA
SHRegEnumUSKeyW
UrlCanonicalizeW
PathUnExpandEnvStringsW
PathGetCharTypeW
PathIsRelativeW
PathSearchAndQualifyW
PathRemoveExtensionA
PathGetDriveNumberW
wnsprintfA
PathRemoveBackslashW

sqlunirl

_ChangeDisplaySettings_@8
_GetTextExtentPoint@16
_BackupEventLog_@8
_CreateDC_@16
_GetEnhMetaFileDescription_@12
_DefDlgProc_@16
_GetPrivateProfileSection_@16
_GetModuleHandle_@4

Sections

.HwWt
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fkfKcl
Size: 4KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Tg
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tF
Size: 3KB - Virtual size: 385KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.T
Size: 2KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.isUiYZ
Size: 3KB - Virtual size: 437KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.x
Size: 2KB - Virtual size: 378KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da18db299b0997cbb336747657f76d95

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

sqlunirl

Sections

.HwWt Size: 1KB - Virtual size: 1KB

.fkfKcl Size: 4KB - Virtual size: 356KB

.Tg Size: 9KB - Virtual size: 9KB

.tF Size: 3KB - Virtual size: 385KB

.T Size: 2KB - Virtual size: 19KB

.isUiYZ Size: 3KB - Virtual size: 437KB

.x Size: 2KB - Virtual size: 378KB

.data Size: 115KB - Virtual size: 295KB

.rsrc Size: 62KB - Virtual size: 62KB

.reloc Size: 1024B - Virtual size: 624B

.HwWt
Size: 1KB - Virtual size: 1KB

.fkfKcl
Size: 4KB - Virtual size: 356KB

.Tg
Size: 9KB - Virtual size: 9KB

.tF
Size: 3KB - Virtual size: 385KB

.T
Size: 2KB - Virtual size: 19KB

.isUiYZ
Size: 3KB - Virtual size: 437KB

.x
Size: 2KB - Virtual size: 378KB

.data
Size: 115KB - Virtual size: 295KB

.rsrc
Size: 62KB - Virtual size: 62KB

.reloc
Size: 1024B - Virtual size: 624B