d12de6d6f7027d45e22b1f6672a130a5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d12de6d6f7027d45e22b1f6672a130a5_JaffaCakes118
Size

863KB
MD5

d12de6d6f7027d45e22b1f6672a130a5
SHA1

81dba558d73ec17095593fd5f157f492d48dc255
SHA256

d4f7dcb6d1968e1d3788dc84a40886c28dd8b08daf6f814e875072c2106e76db
SHA512

6bd62b35d745195f9a04739dcad5b878fdffa59b6bc2609496164d4d518f6093a9a8aab1cba74512a2ae9f47a876db6faa14191c65d843387b8e78cde267dce3
SSDEEP

24576:I1uIrqhoY++0W5eh8m8IayzE3Fgb8WdKnGAh5CxBQ5z:I00qhoYLTWaymFgbhUGM5Cxq5z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d12de6d6f7027d45e22b1f6672a130a5_JaffaCakes118

Files

d12de6d6f7027d45e22b1f6672a130a5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

05b1d7915dacdf05941f35ef2d861bf1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SystemParametersInfoW
IsDialogMessageA
GetScrollPos
GetClassInfoExW
DispatchMessageW
ValidateRect
SetWindowRgn
CallNextHookEx
EnumWindows
GetActiveWindow
LoadStringW
EndPaint
GetFocus
GetMenu
GetMenuState
IsWindow
ShowWindow
IsWindowVisible
GetWindowDC
RedrawWindow
RegisterClassExW
GetAsyncKeyState
GetSysColor

kernel32

GlobalLock
SearchPathW
EnterCriticalSection
CreateDirectoryW
GlobalSize
GetTempPathA
InterlockedDecrement
GetTempPathW
LoadLibraryExW
ReleaseMutex
VirtualAlloc
QueryPerformanceCounter
FileTimeToSystemTime
WideCharToMultiByte
GetSystemDefaultLCID
TlsSetValue
WritePrivateProfileStringA
lstrcmpiA
TerminateThread
GetConsoleMode
GetDiskFreeSpaceA
LeaveCriticalSection
GetLocaleInfoA
GetFileInformationByHandle
GetWindowsDirectoryA
lstrlenW
FindClose
GetSystemTimeAsFileTime
GetCurrentThreadId
SetFileAttributesW
GetACP
EnumSystemLocalesA
LoadLibraryA
FlushInstructionCache
HeapFree
GetProcessHeap
CompareFileTime
DuplicateHandle
GetTempFileNameA
GetCurrentProcessId
HeapCreate
GetCurrentProcess
lstrcpyW
SizeofResource
GetTimeFormatW
SetFilePointer
MapViewOfFile
GetSystemInfo
HeapAlloc
GetLocalTime
DeleteCriticalSection
GetFileSize
GetTickCount
IsValidCodePage
CompareStringA
IsValidLocale
GetSystemDirectoryA
GetStartupInfoW
FormatMessageW
TlsFree
GetTempFileNameW
LocalFree

advapi32

InitializeAcl
DeregisterEventSource
RegEnumKeyExA
EqualSid
RegCreateKeyExA

msvcrt

_wtoi
realloc
iswdigit
wcstol
__set_app_type
_adjust_fdiv
iswspace
_unlock
exit
wcsstr
__getmainargs
__CxxFrameHandler
_vsnwprintf
__p__commode

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 469KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05b1d7915dacdf05941f35ef2d861bf1

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

advapi32

msvcrt

Sections

.text Size: 140KB - Virtual size: 140KB

.rdata Size: 249KB - Virtual size: 249KB

.data Size: 469KB - Virtual size: 1.9MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 140KB - Virtual size: 140KB

.rdata
Size: 249KB - Virtual size: 249KB

.data
Size: 469KB - Virtual size: 1.9MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB