d47cb61772024784a91b552885b4d0c9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d47cb61772024784a91b552885b4d0c9_JaffaCakes118
Size

825KB
MD5

d47cb61772024784a91b552885b4d0c9
SHA1

9572f6651e59ea8474abbb5b6ea4fd32e1d19603
SHA256

f41ce77e4a64ef9beba0ef431bba14adc1f79e978aa93b70eeeef9873700f7ab
SHA512

b6f27ccd48005ab231b2ab65345a64a5fe610cc178fb488c4463e57aa01db4124b228279be2c9fb5306587450d62b1f994db0bb2d69b725986986f9730e29dec
SSDEEP

24576:mzWBFVAOs3mBOzqsYSltm1ruR3Wr6ZWIcY8DqSiI5rYNXPD:mSzVAOaV1+1k3A6YKrI58NXPD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d47cb61772024784a91b552885b4d0c9_JaffaCakes118

Files

d47cb61772024784a91b552885b4d0c9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

537cec924ea75d06bd5143f595f456e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Good Gold\Desktop\MENUDEMO\Release\MENUDEMO.pdb

Imports

kernel32

HeapReAlloc
CreateFileA
GetFileSize
CreateMutexW
HeapCompact
SetFilePointer
TryEnterCriticalSection
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
FreeLibrary
HeapAlloc
SystemTimeToFileTime
QueryPerformanceCounter
HeapFree
WaitForSingleObject
InterlockedCompareExchange
UnlockFile
FlushViewOfFile
LockFile
WaitForSingleObjectEx
OutputDebugStringW
GetTickCount
UnlockFileEx
GetProcessHeap
GetSystemTimeAsFileTime
FormatMessageA
WriteFile
InitializeCriticalSection
WideCharToMultiByte
LoadLibraryW
Sleep
FormatMessageW
GetVersionExW
HeapDestroy
LeaveCriticalSection
GetFileAttributesA
HeapCreate
HeapValidate
GetFileAttributesW
ReadFile
CreateFileW
MultiByteToWideChar
FlushFileBuffers
GetTempPathW
GetLastError
GetFullPathNameA
HeapSize
LockFileEx
EnterCriticalSection
GetDiskFreeSpaceW
LoadLibraryA
CreateFileMappingA
CreateFileMappingW
GetDiskFreeSpaceA
GetSystemInfo
GetFileAttributesExW
DeleteCriticalSection
GetCurrentThreadId
OutputDebugStringA
GetVersionExA
CloseHandle
DeleteFileW
GetCurrentProcessId
GetTempPathA
LocalFree
GetSystemTime
AreFileApisANSI
DeleteFileA
SetEnvironmentVariableA
CompareStringW
GetStringTypeW
LCMapStringW
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetTimeZoneInformation
GetProcAddress
GetFullPathNameW
ExitThread
CreateThread
InterlockedExchange
EncodePointer
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
RaiseException
IsProcessorFeaturePresent

user32

DestroyWindow
SetTimer
GetMessageW
PostQuitMessage
KillTimer
LoadCursorW
MessageBeep
TranslateMessage
GetMenu
LoadIconW
InvalidateRect
SetClassLongW
EnableMenuItem
ShowWindow
CreateWindowExW
MessageBoxW
RegisterClassW
SendMessageW
UpdateWindow
DefWindowProcW
DispatchMessageW
CheckMenuItem

gdi32

GetStockObject

Sections

.text
Size: 550KB - Virtual size: 549KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 205KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

537cec924ea75d06bd5143f595f456e1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

Sections

.text Size: 550KB - Virtual size: 549KB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 205KB - Virtual size: 209KB

.rsrc Size: 1024B - Virtual size: 1004B

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 550KB - Virtual size: 549KB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 205KB - Virtual size: 209KB

.rsrc
Size: 1024B - Virtual size: 1004B

.reloc
Size: 20KB - Virtual size: 19KB