d07b693ff01efc9d6e8b292ea921ee9b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d07b693ff01efc9d6e8b292ea921ee9b_JaffaCakes118
Size

262KB
MD5

d07b693ff01efc9d6e8b292ea921ee9b
SHA1

5b899c7d82e212c6405493382e42ed49e75d561a
SHA256

91e6a709a71d820efd0853da25aba50a238ec4dc6874188399f92b5e0ff4c76f
SHA512

a676273dc34763237c8f30ba18d726cc47bb719fbeead100ff526b774400362957fe1cca42e60c0edec77ca2ff861979f34ca9dfdf5eb88e8e5af4d00af52004
SSDEEP

6144:TIhzIUSv1l0ClshFKBMeUS4WaJqezso4vcADSpxBVrS2DO:UhkBv1lRs+BTaJtzF1ADS9JS3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d07b693ff01efc9d6e8b292ea921ee9b_JaffaCakes118

Files

d07b693ff01efc9d6e8b292ea921ee9b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

423c85058176406a669dfd94bcd4549a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
SetErrorMode
LoadLibraryA
ExpandEnvironmentStringsA
DosDateTimeToFileTime
FreeLibrary
lstrcmpiW
lstrlenA
lstrlenW
GetLocalTime
GetExitCodeThread
GetLocaleInfoW
GetModuleHandleW
GetVersionExW
LoadLibraryW
OpenMutexW
GetFileAttributesW
GetExitCodeProcess
CreateEventW
WaitForSingleObject
GetModuleFileNameW
Sleep
CreateDirectoryW
GetTempPathW
GetLastError
RemoveDirectoryW
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
IsDebuggerPresent
CreateMutexW
GlobalAlloc
MultiByteToWideChar
GetProcessHeap
GetProcAddress

user32

InvalidateRect
GetFocus
GetForegroundWindow
GetActiveWindow
IsWindow
DestroyIcon
LoadBitmapW
CopyRect
LoadImageW
LoadIconW
GetSystemMetrics
IsIconic
MessageBoxW
wsprintfW
PostMessageW
EnableWindow
SendMessageW

gdi32

CreateSolidBrush
CreatePen

advapi32

GetTokenInformation
LookupAccountSidW
DuplicateTokenEx
ImpersonateLoggedOnUser
SetThreadToken
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegOpenKeyExA
RegQueryValueExA
GetUserNameW
RevertToSelf
OpenProcessToken

comctl32

ord17

oleaut32

VariantClear

shell32

ShellExecuteW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

iphlpapi

DeleteIpForwardEntry
InternalSetIfEntry
GetIpNetTable
NotifyRouteChange
Icmp6CreateFile
IcmpSendEcho
GetUniDirectionalAdapterInfo

msimtf

DllRegisterServer
DllUnregisterServer
DllCanUnloadNow

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.SXHkf
Size: 4KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zMAo
Size: 5KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 92KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.D
Size: 5KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.w
Size: 5KB - Virtual size: 707KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xwgXRX
Size: 2KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 121KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.GOMty
Size: 2KB - Virtual size: 479KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

423c85058176406a669dfd94bcd4549a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

oleaut32

shell32

version

iphlpapi

msimtf

Sections

.text Size: 11KB - Virtual size: 10KB

.SXHkf Size: 4KB - Virtual size: 52KB

.rdata Size: 3KB - Virtual size: 45KB

.zMAo Size: 5KB - Virtual size: 114KB

.edata Size: 92KB - Virtual size: 102KB

.D Size: 5KB - Virtual size: 117KB

.data Size: 7KB - Virtual size: 220KB

.w Size: 5KB - Virtual size: 707KB

.xwgXRX Size: 2KB - Virtual size: 77KB

.edata Size: 121KB - Virtual size: 131KB

.GOMty Size: 2KB - Virtual size: 479KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 11KB - Virtual size: 10KB

.SXHkf
Size: 4KB - Virtual size: 52KB

.rdata
Size: 3KB - Virtual size: 45KB

.zMAo
Size: 5KB - Virtual size: 114KB

.edata
Size: 92KB - Virtual size: 102KB

.D
Size: 5KB - Virtual size: 117KB

.data
Size: 7KB - Virtual size: 220KB

.w
Size: 5KB - Virtual size: 707KB

.xwgXRX
Size: 2KB - Virtual size: 77KB

.edata
Size: 121KB - Virtual size: 131KB

.GOMty
Size: 2KB - Virtual size: 479KB

.rsrc
Size: 2KB - Virtual size: 2KB