dcbfbb03fb9a3d8407153f407bfd0a9f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dcbfbb03fb9a3d8407153f407bfd0a9f_JaffaCakes118
Size

579KB
MD5

dcbfbb03fb9a3d8407153f407bfd0a9f
SHA1

d0fb2cd51f44edef50587b0d2022f00e4f0db597
SHA256

13354c35fdae88a2f47053cc419472bfb7f18cc3f4fde93ed98ced8a942eadd7
SHA512

73d92a16817c39990d1bbfc60038156682c023ad6f0ad1b14f242bb3ea1fb528810543812a09d88184c424f151e6e92678b2d50b11a8a836d1b551d5eafe44e5
SSDEEP

12288:382L6KGQak92in94Ph8k6oZuSJjxk/kXwT1rCt8Vmk2XehlT4:382L6KGQd92inmh16y2/2w9Ct3kNf4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcbfbb03fb9a3d8407153f407bfd0a9f_JaffaCakes118

Files

dcbfbb03fb9a3d8407153f407bfd0a9f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2a0d39890547682593c421b842063c72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA

gdi32

EnumFontsA
StartPage
AddFontResourceW
PathToRegion
AbortDoc
CreateEnhMetaFileW
Escape
GetStockObject
GetNearestPaletteIndex
GetTextExtentPoint32A

user32

SetScrollPos
GetClassInfoExA
CloseClipboard
GetForegroundWindow
GetWindowRect
FillRect
SendNotifyMessageW
DrawTextA
WinHelpW
IsClipboardFormatAvailable
SetCursorPos
PostMessageW
RegisterDeviceNotificationA
SetParent
CharToOemW
KillTimer
SetWindowsHookExA
InsertMenuW
UnregisterDeviceNotification
PeekMessageW
RegisterHotKey
PostThreadMessageW
GetDC
UnhookWinEvent
InSendMessage
GetCapture
GetKeyboardState

comctl32

ImageList_SetDragCursorImage

kernel32

GetFileAttributesA
WritePrivateProfileSectionW
SetEvent
FreeLibraryAndExitThread
GetPrivateProfileStringA
GetOEMCP
SetConsoleOutputCP
DosDateTimeToFileTime
FlushConsoleInputBuffer
GetProfileStringA
GetACP
CreateDirectoryW
FreeLibrary
FlushFileBuffers
GetEnvironmentStringsW
ExitProcess
SetConsoleCursorPosition
LocalSize
GetDriveTypeW
VirtualLock
SetupComm
GetSystemDirectoryW
FindFirstFileExW
lstrcmpiA
EnumTimeFormatsW

advapi32

LookupAccountNameA
ChangeServiceConfigW
RegQueryInfoKeyA
GetSecurityDescriptorDacl
GetSecurityInfo
RegNotifyChangeKeyValue
GetUserNameW
DeregisterEventSource
LogonUserW
CreateProcessAsUserA
CryptGetProvParam
AdjustTokenPrivileges
RegSetValueExW

Sections

.text
Size: 2KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a0d39890547682593c421b842063c72

Headers

File Characteristics

Imports

version

gdi32

user32

comctl32

kernel32

advapi32

Sections

.text Size: 2KB - Virtual size: 218KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 266KB - Virtual size: 266KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 218KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 266KB - Virtual size: 266KB

.rsrc
Size: 16KB - Virtual size: 16KB