d2dc7a50e8456227d0bd95bd710cde9f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d2dc7a50e8456227d0bd95bd710cde9f_JaffaCakes118
Size

248KB
MD5

d2dc7a50e8456227d0bd95bd710cde9f
SHA1

c0d6ea524d494d25b9aa93a61f20022d086430a4
SHA256

eb849c0861e313b09da70bc2370922b81db463a0d550ee6c2559c78dfccb2d3f
SHA512

a9b77d7bc07c797a2857da56dbf9130a19262e0f602489bb298ae19ed84dbac073ffa9aaac9ee000e79a392313bd5c17b436b4d9c8a273833f897324efe93fce
SSDEEP

6144:YOBTvgOJD6FbSI8XWfQSMwNQD26D4naO8w6zjIp:VT8FbJ8XWfQiNQD26fO76z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2dc7a50e8456227d0bd95bd710cde9f_JaffaCakes118

Files

d2dc7a50e8456227d0bd95bd710cde9f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3251773d263a4f2f178848c60e79e612

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringA
lstrcmpiW
GetDriveTypeW
lstrcatW
WaitNamedPipeA
SetCommTimeouts
WritePrivateProfileStringW
EnumResourceLanguagesW
UnhandledExceptionFilter
EnumDateFormatsW
GlobalDeleteAtom
GetWindowsDirectoryA
GetCompressedFileSizeW
GenerateConsoleCtrlEvent
_lopen
FillConsoleOutputCharacterA
PeekConsoleInputW
_hread
GetThreadContext
SetFileTime
CreateIoCompletionPort
GetDriveTypeA
WritePrivateProfileStringA
CompareStringA
GetCommModemStatus
DuplicateHandle
ReleaseMutex
DeleteCriticalSection
GetProcessTimes
FatalAppExitA
GetCommandLineA
GetTempPathW
VirtualProtect
GetStartupInfoA
GetFileAttributesExA
SetHandleCount
GetConsoleCursorInfo
InitializeCriticalSection
LeaveCriticalSection
EnumResourceNamesW
GetThreadPriority
DeleteFiber
GetSystemTimeAdjustment
CreateDirectoryW
EndUpdateResourceA
GetVersionExA
lstrlenA
VirtualAlloc
GetLongPathNameA
ExitProcess

user32

GetWindowTextA

gdi32

CombineRgn
GetEnhMetaFileDescriptionA
EqualRgn
PaintRgn
SetGraphicsMode
GetDCOrgEx
GetBkMode
CopyMetaFileA
GetTextMetricsW
SetDIBColorTable
GetROP2

advapi32

BuildTrusteeWithNameW

shell32

SHGetPathFromIDListA

ole32

CoGetClassObject
CoRegisterClassObject
StringFromGUID2

oleaut32

SysFreeString
SysAllocStringLen
SafeArrayCreate
VariantCopy
SetErrorInfo
SafeArrayUnaccessData
VariantChangeType
SafeArrayGetElement

comctl32

ImageList_BeginDrag
ImageList_Draw
ImageList_SetIconSize
ImageList_Remove

shlwapi

PathQuoteSpacesA
PathRelativePathToA
SHAutoComplete
SHRegSetUSValueW

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3251773d263a4f2f178848c60e79e612

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 232KB - Virtual size: 229KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 232KB - Virtual size: 229KB