dc419d971d6fa989569f7c48775dca77_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dc419d971d6fa989569f7c48775dca77_JaffaCakes118
Size

373KB
MD5

dc419d971d6fa989569f7c48775dca77
SHA1

9f88956818b268716e6e6adc4378415ae0d1aeee
SHA256

d99c6248c2128eca9c03633b314ba6a9a7617b499845cdfb651161c1289b2523
SHA512

efd57c839cc7cc1b92483c41a983dd56bd414a346c4a8b051a040cd45a9a86422fdae1ceae5430758f8e8768377280d3fc1b6a53c373b1d3e3ae052de1bb9042
SSDEEP

6144:r+Axuj5IAVAMl5HBuidwXOlrqlUyOIRbPeP256zUwbb6DAILvsQFKHaC8VJkHEqr:6A07XBuiygWlUyrpPtEbb6DbLPFKHaCT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc419d971d6fa989569f7c48775dca77_JaffaCakes118

Files

dc419d971d6fa989569f7c48775dca77_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ee9e09fe94bad7b4370c475f6ef18a03

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord823
ord825

msvcrt

malloc
free
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
__CxxFrameHandler
_purecall
wcslen
wcsncpy
_except_handler3
_wcsnicmp

atl

ord16
ord18
ord22
ord15
ord32
ord21

kernel32

GetProcAddress
LoadLibraryW
SetLastError
Sleep
OutputDebugStringA
LoadLibraryA
CreateThread
TryEnterCriticalSection
GlobalFree
GlobalSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcess
CloseHandle
GetLastError
lstrlenW
GetCurrentThreadId
GlobalLock
EnterCriticalSection
LeaveCriticalSection
DisableThreadLibraryCalls
lstrcmpiW
GetModuleFileNameW
GetModuleHandleW
UnhandledExceptionFilter
GlobalUnlock

user32

GetDlgCtrlID
WinHelpW
GetWindowTextLengthW
UpdateWindow
GetDlgItem
PostMessageW
SendMessageW
RegisterClipboardFormatW
LoadStringW
wsprintfW
ShowWindow
SetWindowTextW
GetWindowTextW
SetWindowLongW
CheckDlgButton
IsDlgButtonChecked
GetWindowLongW
EndDialog
SetFocus
IsWindow
SendDlgItemMessageW
GetActiveWindow
DialogBoxParamW
MessageBoxW
EnableWindow

advapi32

RegOpenKeyExA
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExA
RegEnumKeyExW
RegOpenKeyW
RegDeleteValueW
RegSetValueExW
RegDeleteKeyW
RegCloseKey

ole32

CoCreateInstance
ReleaseStgMedium
StringFromCLSID
CoTaskMemFree

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gdggg
Size: 173KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ggu
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gdggu
Size: 173KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee9e09fe94bad7b4370c475f6ef18a03

Headers

File Characteristics

Imports

mfc42

msvcrt

atl

kernel32

user32

advapi32

ole32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 8KB

.gdggg Size: 173KB - Virtual size: 176KB

.ggu Size: 512B - Virtual size: 4KB

.gdggu Size: 173KB - Virtual size: 220KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 8KB

.gdggg
Size: 173KB - Virtual size: 176KB

.ggu
Size: 512B - Virtual size: 4KB

.gdggu
Size: 173KB - Virtual size: 220KB

.rsrc
Size: 3KB - Virtual size: 3KB