dcf5fae699e9b91c754f7885c5a0cf1f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dcf5fae699e9b91c754f7885c5a0cf1f_JaffaCakes118
Size

1.1MB
MD5

dcf5fae699e9b91c754f7885c5a0cf1f
SHA1

8d78378b6943545d29870f18f06ba9aed0701239
SHA256

1cc5829ba6ac71e07d91642fe59bc10a218dc04e2da38f2c21fb0c05c1feed47
SHA512

14680806047bf4971e1d5171db7d1966bed4be123978c14df4d8250142e8566466472edd223045fee31050ec9e74605916c1358041b63eee39d543087f96cb03
SSDEEP

24576:TI7j1TJRIuOirfzdO+7V2V/QLwGhSZ/bcZ/+VoTcEYma5IB:TUJluuO8dF8SZ/m8Da5I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcf5fae699e9b91c754f7885c5a0cf1f_JaffaCakes118

Files

dcf5fae699e9b91c754f7885c5a0cf1f_JaffaCakes118
.exe windows:1 windows x86 arch:x86

e8d21265dd959165950364441d53eb70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
GetDriveTypeA
GetFileInformationByHandle
ReadConsoleInputA
SizeofResource
FindAtomA
GetProfileSectionA
CloseConsoleHandle
FindFirstVolumeA
GetCurrentProcess
WriteConsoleOutputCharacterA
GetExitCodeProcess
FlushViewOfFile
LockFile
MoveFileWithProgressA
SetFilePointer
VirtualAllocEx
UnlockFileEx
GetProcessHeap
GetCurrentThreadId
MoveFileExW
LocalUnlock
lstrcpynA
GetTempPathA
FindNextVolumeMountPointA
GetEnvironmentVariableA
VirtualAllocEx
GetConsoleAliasExesLengthA
GetCommandLineA
DeleteFileA
SetFileTime
HeapSize
SetFilePointer
GetDefaultCommConfigA
_hwrite
LCMapStringA
RemoveDirectoryA
GetLastError
Process32Next
CloseHandle
IsSystemResumeAutomatic
SetHandleInformation
lstrlenA
CommConfigDialogA
UpdateResourceA
TermsrvAppInstallMode
GetCurrentConsoleFont
GetComputerNameA
ReadConsoleOutputCharacterA
lstrcatA
Module32First
WinExec
WriteFileGather
SetConsoleCursor
GetThreadTimes
SetFileAttributesA
GetVolumePathNamesForVolumeNameA
SetConsoleNumberOfCommandsA
GetFileSizeEx
OpenSemaphoreA
GetConsoleScreenBufferInfo
SetFileAttributesA
LockFileEx
ExpandEnvironmentStringsA
GetTempFileNameA
WriteConsoleOutputA

user32

EnableScrollBar
SendIMEMessageExA
MessageBoxExA
LockSetForegroundWindow
CreateDialogIndirectParamA
MenuWindowProcA
OpenDesktopA
DeregisterShellHookWindow
RemovePropA
ReleaseCapture
DrawIconEx
GetLastActivePopup
OemToCharBuffA
SetWindowPos
ClientToScreen
SetWindowTextA
ChangeDisplaySettingsExA
GetClipboardViewer
GrayStringA
MessageBoxExA
ChangeDisplaySettingsExA
RegisterClassExA
IsChild
EnumPropsA
SetMessageQueue
CharToOemA
SetPropA
DrawMenuBarTemp
DefMDIChildProcA
ShowCursor
SystemParametersInfoA
LoadLocalFonts
UnloadKeyboardLayout
DlgDirListComboBoxW
CascadeChildWindows
SwitchDesktop
GetScrollRange
GetMenuStringA
SendDlgItemMessageA
BroadcastSystemMessageA
BroadcastSystemMessageExA
IsDlgButtonChecked
GetDC
SetRectEmpty
RealGetWindowClassA
DialogBoxIndirectParamA
SetMessageQueue
DestroyWindow
RemovePropA
EnumChildWindows
SetCursor
ShowStartGlass
SendInput
IsMenu
CheckRadioButton
CascadeWindows
GetClientRect
RemovePropA
IsWindowEnabled
PaintMenuBar
DispatchMessageA
FindWindowExW
CallMsgFilterA
TrackMouseEvent
GetMenuCheckMarkDimensions
EnableScrollBar

advapi32

AddAccessDeniedObjectAce

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8d21265dd959165950364441d53eb70

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.idata Size: 3KB - Virtual size: 4KB

.rsrc Size: 33KB - Virtual size: 36KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.idata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 33KB - Virtual size: 36KB