Static task: static1
Behavioral task: behavioral1
  Sample: d6269767ddf077503de4b1135b86e2b5_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: d6269767ddf077503de4b1135b86e2b5_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
General
Target: d6269767ddf077503de4b1135b86e2b5_JaffaCakes118
Size: 92KB
MD5: d6269767ddf077503de4b1135b86e2b5
SHA1: b87ae86a0c7d5054de99826e3a8cd17a7ba8d5d4
SHA256: 7a4a55b4e626ec6451a7d9719a00fce35475cd9322ddb3ddc15f1aa876ef6540
SHA512: 11c2200f7f5b5f945559aac3fb8bdb0bfa17a6a6de082a762d9df12bd30d6c08df350e50f672da4bb06b723d3627d64be67c4935c712f7d512a3aed99974193d
SSDEEP: 1536:bUSya7XhBv+8tckdHdYOkHKgoKXuN8Wv6s4V1fiFD1hKOKUVpiMxYRm0/GWWchYg:ASya7hBvr+kdmnqgoQuNnv6s41KF5YeW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d6269767ddf077503de4b1135b86e2b5_JaffaCakes118
Files
d6269767ddf077503de4b1135b86e2b5_JaffaCakes118.exe windows:5 windows x86 arch:x86
5d8a65d2cd00c0563e7370b04835cce1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
atmlib
  ATMEnumFonts
advapi32
  RegCreateKeyExW
  ConvertStringSecurityDescriptorToSecurityDescriptorW
  RegOpenKeyExA
  RegQueryValueExW
  RegOpenKeyExW
  RegDeleteValueW
  RegSetValueExW
  SetNamedSecurityInfoW
  RegCreateKeyExA
  RegSetValueExA
  RegCloseKey
  RegOpenKeyW
  GetSecurityDescriptorDacl
  RegQueryValueExA
cmdial32
  AutoDialFunc
msvcrt
  _wcslwr
  _wcsnicmp
  printf
  wcsncmp
  _purecall
  free
  strncpy
  malloc
  _except_handler3
  wcscmp
  wcsrchr
  memmove
  fopen
  _strupr
  _initterm
  memcpy
  sscanf
  fwrite
  fclose
  mbstowcs
  fseek
  fread
  wcslen
  wcstombs
  _strlwr
  _adjust_fdiv
  strstr
  memset
ntdll
  NtCreateFile
crypt32
  RegCreateHKCUKeyExU
kernel32
  CopyFileA
  CreateDirectoryW
  CreateFileA
  GetWindowsDirectoryW
  RemoveDirectoryW
  QueryPerformanceCounter
  TlsAlloc
  UnhandledExceptionFilter
  InitializeCriticalSection
  WaitForSingleObject
  GetTickCount
  GetFileAttributesW
  HeapAlloc
  TlsGetValue
  DeleteCriticalSection
  VirtualAlloc
  FreeLibrary
  GetVersionExA
  LocalFree
  FindNextFileW
  GetVersion
  GetCurrentProcessId
  GetSystemTimeAsFileTime
  FindClose
  TerminateProcess
  GetSystemTime
  lstrlenA
  HeapFree
  TlsSetValue
  FreeEnvironmentStringsW
  SetFileAttributesW
  ExitProcess
  GetEnvironmentStringsW
  EnterCriticalSection
  FindFirstFileW
  GetDiskFreeSpaceA
  GetVersionExW
  GetLocalTime
  SetLastError
  SetEvent
  CreateFileMappingW
  LeaveCriticalSection
  CloseHandle
  WideCharToMultiByte
  GetCurrentProcess
  GetEnvironmentStrings
  lstrlenW
  SetUnhandledExceptionFilter
  MapViewOfFile
  DeleteFileW
  GetFileAttributesA
  VirtualFree
  GetWindowsDirectoryA
  SetFileAttributesA
  CreateEventA
  GetCurrentThreadId
  UnmapViewOfFile
  TlsFree
  GetLastError
  Sleep
  LoadLibraryW
  GetProcessHeap
  LoadLibraryA
  GetModuleHandleW
  GetSystemDirectoryA
  IsBadReadPtr
  InitializeCriticalSectionAndSpinCount
  GlobalMemoryStatus
  FreeEnvironmentStringsA
  GetProcAddress
  VirtualProtect
  DeviceIoControl
Sections
.textbss Size: - Virtual size: 432KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_CNT_UNINITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.text Size: 512B - Virtual size: 464B
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.idata Size: 89KB - Virtual size: 88KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 32B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 892B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_CNT_UNINITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 32B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_DISCARDABLE
  IMAGE_SCN_MEM_READ