d59c640553eca6275ab16520aa0ecfb3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d59c640553eca6275ab16520aa0ecfb3_JaffaCakes118
Size

216KB
MD5

d59c640553eca6275ab16520aa0ecfb3
SHA1

06b3ca983da5f069090eb25489dc6e626772ae16
SHA256

fd0f93f77a979de2b33c909e27af61540382ad208f822a8efa94c127fd65fe7b
SHA512

51f67383ce6b5bae8039f1794749a9633ab89faa4703cf41870f5ed1701cc8e9ad90405149a4ae8b600c23e6e54bcc64103e72160e472d177eb7b19661aa27e0
SSDEEP

3072:Ck1uwHD67uhGCWY4OylJjtMzzgOfk3HAIUzYB4QD5MnyVx/P5yelQETJ:buyLuOe4zgJfUUBTMGx3tlfJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d59c640553eca6275ab16520aa0ecfb3_JaffaCakes118

Files

d59c640553eca6275ab16520aa0ecfb3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f95cbaa1f51315237045c26c85ea2a25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
EnumSystemCodePagesA
GlobalFindAtomW
FindFirstFileExW
OutputDebugStringW
DuplicateHandle
GetCommandLineW
CreateMutexW
SetEndOfFile
AreFileApisANSI
GetProfileStringA
GetModuleHandleA
DebugBreak
GenerateConsoleCtrlEvent
RemoveDirectoryW
ReadConsoleA
GetEnvironmentVariableW
GlobalGetAtomNameW
SetErrorMode
GetBinaryTypeA
_lopen
TlsGetValue
VirtualQuery
ReleaseMutex
lstrcpyA
ReadFileScatter
CompareStringA
WritePrivateProfileStructA
DeleteFiber
GetLargestConsoleWindowSize
GetSystemDirectoryW
GlobalUnlock
GlobalFree
VirtualAlloc
GetStartupInfoA

user32

GetInputState
GetTabbedTextExtentA
CharToOemBuffA
GetClassInfoExW
CharNextW
RegisterClassA
AppendMenuA
SystemParametersInfoA
ChildWindowFromPoint
GetMonitorInfoW
SetKeyboardState
TrackMouseEvent
EnumDesktopsA
GetCapture
CreateDialogParamA
GetClipboardViewer
LoadIconA
EnumDisplaySettingsA
UnregisterDeviceNotification
FindWindowW
InvertRect
GetWindowWord
RedrawWindow
ToUnicode
CheckMenuRadioItem
DestroyWindow
GetClipboardFormatNameW
RemovePropA
GetKeyboardLayoutNameW
IsWindow
GetClassLongA

gdi32

Ellipse
SetWindowExtEx
GetPixel
LineTo
SetPixelV
SetBrushOrgEx

advapi32

AbortSystemShutdownA
RegCreateKeyExW
RegEnumKeyA
LookupPrivilegeValueA
GetAce
RegEnumValueW
SetServiceStatus
OpenSCManagerW
RegSetKeySecurity
RegOpenKeyW
RegFlushKey
NotifyBootConfigStatus

comctl32

CreatePropertySheetPageA

version

VerInstallFileA
GetFileVersionInfoSizeA
VerQueryValueA

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_mbslen
_fullpath
_pipe
_wspawnvp
_wspawnv
perror
_tzset
_fileno
_sleep
vwprintf
strrchr
remove
_eof
free
_setmbcp
_controlfp

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f95cbaa1f51315237045c26c85ea2a25

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

version

msvcrt

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 209KB - Virtual size: 209KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 209KB - Virtual size: 209KB