ddec3d9508d58f5e79a92622ca4fddc4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ddec3d9508d58f5e79a92622ca4fddc4_JaffaCakes118
Size

132KB
MD5

ddec3d9508d58f5e79a92622ca4fddc4
SHA1

fae95f6a5a600c56d9cbb1c5495dcb30e209b220
SHA256

d0ce350f6865aa701fbfb53c5e3c962269ca2fee9a10543be90611049e0f99c3
SHA512

96fb65baa069c4fc9e05416a3b7fa4a21d0285d27e0b450eddb837b65301b0f58a8bcc91b46a70ec4eaf0345fc857908595f304b9a4b683ee798cbc4b2e1297f
SSDEEP

1536:REDgNOR+Owc1Bn6NZZncAlMUNjIo0g0MqPwfJ:REZsy1Bn6NZZncyVNfJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddec3d9508d58f5e79a92622ca4fddc4_JaffaCakes118

Files

ddec3d9508d58f5e79a92622ca4fddc4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ff4f1745391f51da68332c155e00668

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EndPage

setupapi

SetupGetMultiSzFieldW
SetupInstallFilesFromInfSectionW

oleaut32

VarCyFromI4

shlwapi

StrCpyW
PathRemoveExtensionW

kernel32

_lcreat
GetProcessHandleCount
GetFullPathNameW
CopyFileA
VirtualProtect

powrprof

WriteGlobalPwrPolicy

imm32

ImmAssociateContext

wintrust

CryptCATCDFClose
CryptCATCDFOpen

advapi32

IsWellKnownSid

user32

SystemParametersInfoA
wsprintfA
PeekMessageW
DrawTextW

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.4WA2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 942B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Ds9x2o
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LDbID_
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Io9vYc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ff4f1745391f51da68332c155e00668

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

setupapi

oleaut32

shlwapi

kernel32

powrprof

imm32

wintrust

advapi32

user32

Sections

.text Size: 16KB - Virtual size: 14KB

.4WA2 Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 942B

Ds9x2o Size: 24KB - Virtual size: 23KB

LDbID_ Size: 24KB - Virtual size: 22KB

Io9vYc Size: 52KB - Virtual size: 49KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 14KB

.4WA2
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 942B

Ds9x2o
Size: 24KB - Virtual size: 23KB

LDbID_
Size: 24KB - Virtual size: 22KB

Io9vYc
Size: 52KB - Virtual size: 49KB

.rsrc
Size: 4KB - Virtual size: 1KB