dc67212f76db5fb88f5eb5d53e4697c2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dc67212f76db5fb88f5eb5d53e4697c2_JaffaCakes118
Size

136KB
MD5

dc67212f76db5fb88f5eb5d53e4697c2
SHA1

750d753ccb7239003fa92c0b469a9efa63ef2b14
SHA256

220ba6b9689765ca797e26f0950f136c3cad12dae5a134f23582daa753ac30b6
SHA512

85feaa3ad59e3b828256fa81eccce27c93bb6d04ce467338bea2cdb5d6ff84a3e41d56d76076fd7d0441feb0c904d67bd93c5a5869fef30c1cb44024a40c2c1b
SSDEEP

3072:0yRGKqIVwvhoLSvDEo9VzkxXbadjHzYguVV:/77LKDlGxXb6JuVV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc67212f76db5fb88f5eb5d53e4697c2_JaffaCakes118

Files

dc67212f76db5fb88f5eb5d53e4697c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

047e06717dd52ff91416a508c77a4a89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReplyMessage
OpenIcon
WindowFromPoint

kernel32

GetUserDefaultLangID
LockResource
CopyFileA
GetPrivateProfileIntA
SetFileAttributesA
GetPrivateProfileStringA
lstrlenA
ExitProcess
GlobalLock
GetVersionExA
GetAtomNameA
SetEvent
AddAtomA
lstrlenW
OpenEventA
Sleep
GlobalUnlock
RemoveDirectoryA
SetLastError
LoadResource
GetCommandLineA
HeapCreate
ValidateLocale
SetErrorMode
FormatMessageA
GetModuleHandleA
CreateProcessA
SleepEx
GetShortPathNameA
GetTempFileNameA
GetTempPathA
HeapDestroy
HeapAlloc
RtlUnwind
GlobalFree
HeapFree
MultiByteToWideChar
CompareStringA
InterlockedDecrement
CreateDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetStartupInfoA
CreateFileA
DeleteFileA
CompareStringW
GlobalAlloc
LocalFree
FindResourceExA
lstrcpyA
CloseHandle
GetFileAttributesA
ReadFile
FindResourceA
lstrcatA
RegisterWowExec
WideCharToMultiByte
WaitForSingleObject
GetLastError
GetSystemTimeAdjustment
GetSystemDirectoryA
CallNamedPipeW
Sleep
EnumResourceTypesA
GetStringTypeExA
GetTimeFormatA
PeekNamedPipe

oleaut32

SysAllocStringLen
SysFreeString
SysReAllocStringLen

ole32

CoFreeAllLibraries
CoCreateInstance
CoUninitialize
CoInitialize

gdi32

UnrealizeObject

advapi32

RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text1
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

047e06717dd52ff91416a508c77a4a89

Headers

File Characteristics

Imports

user32

kernel32

oleaut32

ole32

gdi32

advapi32

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 5KB - Virtual size: 9KB

.rsrc Size: 2KB - Virtual size: 2KB

.text1 Size: 120KB - Virtual size: 120KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 5KB - Virtual size: 9KB

.rsrc
Size: 2KB - Virtual size: 2KB

.text1
Size: 120KB - Virtual size: 120KB