dddac535543b01717fad1b6728afb768_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dddac535543b01717fad1b6728afb768_JaffaCakes118
Size

56KB
MD5

dddac535543b01717fad1b6728afb768
SHA1

02a9ebad5c804e18df671f8a15e465222dc58388
SHA256

4c6fed24ceb9cfbb7b483a3b49a4f419c784ba946e84d346ae9abcf6e174b9d2
SHA512

488621128bea9a1cb5f22705bc8f6e1a589f26caec128b09f673590b532916d834a1678f48946a1c373e752b5bfdd6f1a4a33318d94c2925e80ddca2c5467146
SSDEEP

768:MvJtstqiIhZ9KvWZtpT1/reyb0cNKhQOg78Kq9PpONqc9XtftidPF:MvTwEhZ8WZnTx70cN4QOzKq9+D9fid

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dddac535543b01717fad1b6728afb768_JaffaCakes118

Files

dddac535543b01717fad1b6728afb768_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7a5a90038c7dec4c41269a665b7e5316

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
FindNextFileA
FindFirstFileA
WinExec
TerminateProcess
Sleep
lstrcmpiA
MultiByteToWideChar
SetThreadPriority
GetCurrentThread
GetLocalTime
GetVersionExA
GetPrivateProfileIntA
CreateProcessW
GetStartupInfoW
LoadLibraryA
GetPrivateProfileStringW
lstrcatW
OutputDebugStringA
CreateThread
QueryDosDeviceA
GetLogicalDriveStringsA
DeleteFileA
GetCurrentThreadId
GetProcAddress
GetStartupInfoA
GetModuleHandleA
LocalFree
WideCharToMultiByte
OpenProcess
GetLastError
GetCommandLineA
GetVersion
ReadProcessMemory
GetPrivateProfileIntW
CloseHandle

user32

MessageBoxA
ShowCursor
CreateDesktopA
GetThreadDesktop
SetThreadDesktop
CloseDesktop
IsWindow
SendMessageA
FindWindowA
FindWindowExA
PostMessageA
wsprintfA

advapi32

LookupPrivilegeValueA
OpenProcessToken
SetNamedSecurityInfoA
SetEntriesInAclA
BuildExplicitAccessWithNameA
GetNamedSecurityInfoA
AdjustTokenPrivileges

shell32

SHChangeNotify
SHGetSpecialFolderPathW
SHFileOperationA
SHGetSpecialFolderPathA

ole32

CoInitialize
CoCreateInstance
OleRun
CoUninitialize

oleaut32

SysFreeString
VariantClear
SysAllocString
VariantCopy
VariantInit
GetErrorInfo

rasapi32

RasEnumConnectionsA
RasGetErrorStringA
RasHangUpA

psapi

GetProcessImageFileNameA

shlwapi

PathRemoveFileSpecA

msvcrt

__p__commode
_adjust_fdiv
__set_app_type
__dllonexit
_onexit
??1type_info@@UAE@XZ
_controlfp
_strcmpi
__p__fmode
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_CxxThrowException
_wcsupr
wcslen
rename
printf
strchr
strstr
_except_handler3
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
malloc
mbstowcs
free
_snprintf
sprintf
fopen
fread
_mbsnbcpy
_mbsstr
_mbslwr
fclose

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a5a90038c7dec4c41269a665b7e5316

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

rasapi32

psapi

shlwapi

msvcrt

Sections

.text Size: 52KB - Virtual size: 51KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 52KB - Virtual size: 51KB

.rsrc
Size: 3KB - Virtual size: 3KB