dbc2f0f7655dc31fb05b432cce4c8fcf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dbc2f0f7655dc31fb05b432cce4c8fcf_JaffaCakes118
Size

24KB
MD5

dbc2f0f7655dc31fb05b432cce4c8fcf
SHA1

b76d2e66ffe0c5ace50d2c7cef09494c87474c53
SHA256

14d5b60ac0df5c0a06df0c5f86d88264d3142e01459ea56bc917790c25d25a77
SHA512

0f25d68e5d22175a4152106bb42044b3dc13f64cc060fdc2413981fa2941ab450d9dc7a97df21c18cbe8c4da1e4ec3cf86decb16db093a119491c630e2767902
SSDEEP

768:J5044Ojfr4Vf/INC28wt+Xop1MWQ4kbXX5:J51fr4VHGC28wtjHaZbXp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbc2f0f7655dc31fb05b432cce4c8fcf_JaffaCakes118

Files

dbc2f0f7655dc31fb05b432cce4c8fcf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30a7cb885a539f5dd30db6d85d08106a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyA
InitiateSystemShutdownW
OpenThreadToken
LockServiceDatabase
DestroyPrivateObjectSecurity
GetServiceKeyNameW
GetUserNameW
CryptDeriveKey
LookupAccountSidA
NotifyChangeEventLog
GetServiceDisplayNameA
GetUserNameA
AbortSystemShutdownA
UnlockServiceDatabase
RegOpenKeyW
RegEnumValueA
RegRestoreKeyW
GetFileSecurityA
RegDeleteKeyA
RegReplaceKeyA
CryptGetProvParam

msvcrt

strstr
_strnicmp
_wenviron
_adj_fprem
memcpy
fgetws
wcstok
_filbuf
_isatty
asctime
_execvp
_chdir
_wfdopen
_adj_fdiv_m64
_statusfp
memchr
_mbscmp
_fileinfo
_getdiskfree
atol
_daylight
_spawnlp
cosh
_wspawnvp
strspn
_acmdln
_fcloseall
wcstod
_ismbcl0
__p__pgmptr
_wexecv
getenv
towlower
cos
iswspace
_ultoa
setvbuf
_wutime
_ismbbgraph
__wargv
_hypot
_strlwr
strtok
_mbslwr

kernel32

FindClose
VirtualAlloc
OpenWaitableTimerW
Sleep
lstrcmpiA
IsValidLocale
WaitNamedPipeW
VirtualFree
RaiseException
lstrcmp
SetLocaleInfoW
OutputDebugStringA
lstrcmpiW
EnumResourceLanguagesW
GetVersionExW
GlobalFindAtomW
CreateDirectoryA
lstrcmpA
HeapSize
MoveFileExW
GetStartupInfoW
MoveFileExA
ExitProcess
GetSystemTime
lstrcmpW
ReadConsoleOutputCharacterA
GetLocalTime
GetLongPathNameW
PostQueuedCompletionStatus
GetModuleHandleW
lstrlenA
InitializeCriticalSection
MapViewOfFileEx
GetStringTypeA
SetComputerNameA
DefineDosDeviceA
GetModuleHandleA
lstrlenW
CallNamedPipeA
FormatMessageA
OutputDebugStringW
EnumDateFormatsExA

gdi32

RectInRegion
GetCharABCWidthsFloatA
SetBkMode
SetStretchBltMode
GetViewportOrgEx
CreateHatchBrush
GetViewportExtEx
GetObjectA
SwapBuffers
EqualRgn
GetTextMetricsA
GetFontLanguageInfo
PolyTextOutW
GetWinMetaFileBits
GetGraphicsMode
GetTextMetricsW
RealizePalette
CopyEnhMetaFileA
GetCharABCWidthsFloatW
GetMetaRgn
GetObjectW
GetObjectType
CreateCompatibleDC
GetMiterLimit
CreateBrushIndirect
CreateFontIndirectA
AnimatePalette

Sections

.text
Size: 14KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cjm
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nado
Size: 3KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30a7cb885a539f5dd30db6d85d08106a

Headers

File Characteristics

Imports

advapi32

msvcrt

kernel32

gdi32

Sections

.text Size: 14KB - Virtual size: 15KB

.cjm Size: 5KB - Virtual size: 13KB

.nado Size: 3KB - Virtual size: 26KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 15KB

.cjm
Size: 5KB - Virtual size: 13KB

.nado
Size: 3KB - Virtual size: 26KB

.reloc
Size: 1024B - Virtual size: 1KB