dc1d15d45351a640223f7c645a438808_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dc1d15d45351a640223f7c645a438808_JaffaCakes118
Size

50KB
MD5

dc1d15d45351a640223f7c645a438808
SHA1

d09212b00fcb46aa94e56e4796e850ffc647c348
SHA256

d72a6dfe4b8df087e8e5b83048f40c887da0296aeaec7a2494088dd34bb62a4a
SHA512

f01350afc7e9c7b5c0cc9c4428418df0ce62ece2951643331eb64ea6cb664281fc1b2e95abea47f0e4e0be5110902ba7ef9a5fc6aa737e4a4472c08f9dfff2b4
SSDEEP

1536:zGMDqy70i9ELgWlGS4Y53YON5F3rj7wh:zGMWyf6scQY53pN5Fbjk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc1d15d45351a640223f7c645a438808_JaffaCakes118

Files

dc1d15d45351a640223f7c645a438808_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c70d3ef85e607c3cedea584468dec133

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdeInitializeA
GetActiveWindow
GetWindowTextA
SetDebugErrorLevel
ShowWindowAsync
ClientToScreen
DragObject
EndPaint
GetCursorInfo
GetWindowContextHelpId
EnumWindowStationsA
FlashWindowEx
LoadStringA

advapi32

GetSecurityDescriptorSacl
GetUserNameA
GetUserNameW
RegReplaceKeyA
RegSaveKeyA
SetNamedSecurityInfoA
InitiateSystemShutdownW
EqualSid
ObjectCloseAuditAlarmA
RegOpenKeyW
SetEntriesInAclA
RegOpenKeyA
GetFileSecurityA
GetEffectiveRightsFromAclA

msvcrt

_nextafter
iswctype
_putw
_cwait
_strdup
_wtmpnam
_execve
_wstat
_sopen
_wexecvp
_longjmpex
qsort
_wfdopen
getc
_seterrormode
_wfullpath
_filelength
fabs
iswxdigit
isprint
_ismbbkana
_wputenv

shell32

SheGetDirA
DragQueryFileA
DragQueryPoint
ExtractAssociatedIconW

gdi32

CreatePatternBrush
CreateDCW
CreateColorSpaceA
AbortDoc
SetPolyFillMode
SetBkMode
SetICMMode
GetBitmapDimensionEx
StrokeAndFillPath
SetMetaFileBitsEx
SetMagicColors

kernel32

GlobalFindAtomA
lstrcmpA
EnumSystemLocalesW
GetSystemTime
LocalLock
VirtualFree
GetModuleHandleA
DisableThreadLibraryCalls
lstrcmpiA
GetLocalTime
BackupRead
QueryPerformanceCounter
GetDateFormatA
VirtualAlloc
EnumDateFormatsExA
Sleep
ExitProcess
lstrcmpW
lstrlenW
TerminateProcess
GetStartupInfoW
PeekConsoleInputW
CancelDeviceWakeupRequest
GetSystemPowerStatus
lstrlenA
GetModuleHandleW
ReadConsoleOutputAttribute
VirtualFree
GetVersionExW
ReadConsoleOutputCharacterW
lstrcmpiW
CreateDirectoryA

Sections

.text
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hew
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xkzsg
Size: 27KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c70d3ef85e607c3cedea584468dec133

Headers

File Characteristics

Imports

user32

advapi32

msvcrt

shell32

gdi32

kernel32

Sections

.text Size: 5KB - Virtual size: 6KB

.hew Size: 16KB - Virtual size: 29KB

.xkzsg Size: 27KB - Virtual size: 36KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 6KB

.hew
Size: 16KB - Virtual size: 29KB

.xkzsg
Size: 27KB - Virtual size: 36KB

.reloc
Size: 1024B - Virtual size: 1KB