d05374ee071a9f6f6e2898f2a0876674_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d05374ee071a9f6f6e2898f2a0876674_JaffaCakes118
Size

92KB
MD5

d05374ee071a9f6f6e2898f2a0876674
SHA1

f4125cf8545b235888034ee01dc8d67712308266
SHA256

5f2b35e3db6d58df19cb7e64fd20d62ef91852366157d25215f7acec0efa5317
SHA512

298182a90a7721c37b9a9fb7c21891d9c6f53241017e042bfaf62213d802e47f264c18c34cfa94b933a82d3f15b8b93e01d6080c92ee8be30c1b2a9f518e0f29
SSDEEP

1536:8T2WvKPZVcPRlI2j0L8GYgN6mzgEJh5dSh+D5C3d3YoNDnvV/7IMM5+WLJ6oyaFW:LWviZVcpl3wnYgNNzJdn5C3dIoR57XMg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d05374ee071a9f6f6e2898f2a0876674_JaffaCakes118

Files

d05374ee071a9f6f6e2898f2a0876674_JaffaCakes118
.exe windows:5 windows x86 arch:x86

916da5ddad0ce6619978c3ba6464dff1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcslen
_except_handler3
_strlwr
_adjust_fdiv
_wcslwr
wcsrchr
fclose
strncpy
fseek
malloc
_wcsnicmp
fwrite
free
mbstowcs
sscanf
fread
wcsncmp
strstr
wcstombs
memset
_purecall
memcpy
fopen
wcscmp
_initterm
printf
_strupr
memmove

kernel32

RemoveDirectoryW
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
ExitProcess
GetFileAttributesA
GetDiskFreeSpaceA
VirtualFree
lstrlenW
GetSystemDirectoryA
DeleteFileW
TerminateProcess
GetTickCount
GetSystemTimeAsFileTime
Sleep
FreeLibrary
CreateDirectoryW
FreeEnvironmentStringsW
GetCurrentProcessId
InitializeCriticalSection
GetEnvironmentStrings
CreateFileA
TlsSetValue
GetCurrentProcess
MapViewOfFile
HeapAlloc
CreateFileMappingW
CopyFileA
HeapFree
GetWindowsDirectoryA
DeviceIoControl
UnmapViewOfFile
QueryPerformanceCounter
GetProcAddress
GetLocalTime
CreateEventA
GetWindowsDirectoryW
GetVersionExW
GetFileAttributesW
TlsAlloc
GetVersion
IsBadReadPtr
SetLastError
LoadLibraryW
LeaveCriticalSection
SetUnhandledExceptionFilter
VirtualAlloc
FindNextFileW
GetVersionExA
LoadLibraryA
VirtualProtect
GetEnvironmentStringsW
SetFileAttributesW
SetEvent
CloseHandle
TlsGetValue
SetFileAttributesA
DeleteCriticalSection
FindClose
GetProcessHeap
UnhandledExceptionFilter
GlobalMemoryStatus
lstrlenA
LocalFree
GetModuleHandleW
GetCurrentThreadId
GetSystemTime
EnterCriticalSection
TlsFree
FindFirstFileW
GetLastError
WideCharToMultiByte
WaitForSingleObject

crypt32

RegCreateHKCUKeyExU

atmlib

ATMEnumFonts

cmdial32

AutoDialFunc

advapi32

RegQueryValueExA
RegOpenKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetNamedSecurityInfoW
RegSetValueExA
RegCloseKey
RegQueryValueExW
RegOpenKeyW
GetSecurityDescriptorDacl
RegCreateKeyExA
RegSetValueExW
RegOpenKeyExA
RegCreateKeyExW
RegDeleteValueW

ntdll

NtCreateFile

Sections

.textbss
Size: - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

916da5ddad0ce6619978c3ba6464dff1

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

crypt32

atmlib

cmdial32

advapi32

ntdll

Sections

.textbss Size: - Virtual size: 432KB

.text Size: 512B - Virtual size: 460B

.idata Size: 89KB - Virtual size: 88KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 32B

.data Size: 1024B - Virtual size: 892B

.textbss
Size: - Virtual size: 432KB

.text
Size: 512B - Virtual size: 460B

.idata
Size: 89KB - Virtual size: 88KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 32B

.data
Size: 1024B - Virtual size: 892B