dc50f990246f2325cec8f20cbf3a2725_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dc50f990246f2325cec8f20cbf3a2725_JaffaCakes118
Size

75KB
MD5

dc50f990246f2325cec8f20cbf3a2725
SHA1

951d19340392e1856a21535572b0906e90bb8612
SHA256

61ac40da7116a906ef95005feb8244204599200e62cbe02ad67acc6807a49c63
SHA512

8701d3da119dc1a63d7c02a447e8f7b263458bc4fe6a930a263aeb63fabc029f9b6fa5989acb13aba09e5bb8cb59c93de6aea73a617e4840bfe4da99355a0978
SSDEEP

1536:80EBd00wtQxma3LdV/00FTkREtPwQtDRdBHgf3O:8br00w2x5lqEtPtVRPHeO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc50f990246f2325cec8f20cbf3a2725_JaffaCakes118

Files

dc50f990246f2325cec8f20cbf3a2725_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8c9167698fabd18a68a311c1ee7b719d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
CreateProcessA
GetEnvironmentVariableA
GetShortPathNameA
RemoveDirectoryA
MoveFileA
RemoveDirectoryW
CreateThread
GetTempFileNameA
GetVersion
LocalAlloc
LocalFree
LoadLibraryW
ExitProcess
GetCurrentProcessId
GetFileTime
GetModuleFileNameW
WideCharToMultiByte
CreateProcessW
Sleep
GetTickCount
FreeLibrary
LoadLibraryA
GetProcAddress
GetCurrentThreadId
GetCommandLineW
GetModuleHandleA
MoveFileW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
MultiByteToWideChar
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InitializeCriticalSection
GetSystemTimeAsFileTime
QueryPerformanceCounter
HeapAlloc
GetCommandLineA
HeapFree
GetVersionExA
GetProcessHeap
GetStartupInfoA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy
HeapCreate
WriteFile
GetStdHandle
GetModuleFileNameA
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement

user32

GetKeyNameTextW
GetWindowTextW
GetWindowTextLengthW
UpdateWindow
GetFocus
SetFocus
EnumChildWindows
SetWindowPos
AppendMenuA
CreatePopupMenu
DrawFrameControl
FillRect
IsDialogMessageW
PostMessageA
CreateDialogIndirectParamA
DialogBoxIndirectParamA
SetWindowLongA
CheckRadioButton
EndDialog
SendDlgItemMessageW
OffsetRect
LoadImageA
DrawIcon
SetForegroundWindow
IsClipboardFormatAvailable
SystemParametersInfoA
GetWindowTextLengthA
RegisterClassExA
SetWindowsHookExA

Exports

Exports

ambahuhfwgbsn
fieddzzheippdbnboajow
npkqplad
ohrjcmwxvnpkhara
splhumzxkq
wnalecsujpjzsahzfmnbowoho
wwdamvyhcg
zllbggapznegnha

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c9167698fabd18a68a311c1ee7b719d

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 54KB - Virtual size: 54KB

.data Size: 19KB - Virtual size: 21KB

.rsrc Size: 1024B - Virtual size: 864B

.text
Size: 54KB - Virtual size: 54KB

.data
Size: 19KB - Virtual size: 21KB

.rsrc
Size: 1024B - Virtual size: 864B