df288e63612186909acfc691a5331de8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

df288e63612186909acfc691a5331de8_JaffaCakes118
Size

96KB
MD5

df288e63612186909acfc691a5331de8
SHA1

41b990e96581ef86e8c760a487a2f468a6d80864
SHA256

1e13f5cffda130b15849234de9a964d53255c11ebbfb1543af24d157944e6773
SHA512

b5d91040c4542834f13be65e3f7282c7c1c7fb0d89b1e5dd32fdeea1547db32d82e486fbb1a00448d4de9cc4edf2eb5cf347d8fe61af2a3b6078dcaf3b51f62c
SSDEEP

1536:ue4vpnF9K2NsdwnTQ7SovcLxJovILPocJHKXK:ue0BFc2iwnTOcM3cJHKXK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df288e63612186909acfc691a5331de8_JaffaCakes118

Files

df288e63612186909acfc691a5331de8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

372574125c82bc40f2b1aa64671eb685

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameA
SetCurrentDirectoryA
GetPrivateProfileIntA
lstrcpynA
GetStartupInfoA
CreateDirectoryA
GetPrivateProfileStringA
GetFullPathNameA
CopyFileA
FormatMessageA
FindResourceA
LoadResource
LockResource
GetSystemDefaultLCID
GetCurrentProcess
SetLastError
GetModuleFileNameA
WaitForSingleObject
GetExitCodeProcess
GetFileAttributesA
DeleteFileA
RemoveDirectoryA
GetTempPathA
OpenEventA
CreateEventA
LocalAlloc
LocalFree
GetVersion
GetCurrentThread
HeapReAlloc
CreateProcessA
SetErrorMode
GetLastError
WideCharToMultiByte
GetVersionExA
lstrlenA
GetWindowsDirectoryA
lstrcatA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateFileA
CloseHandle
GlobalAlloc
GlobalLock
HeapAlloc
GlobalUnlock
GlobalFree
FindFirstFileA
FindClose
GetProcessHeap
HeapFree
SetFileAttributesA
WritePrivateProfileStringA
GetSystemDirectoryA
MultiByteToWideChar
GetCommandLineA
GetCurrentDirectoryA
GetModuleHandleA
SetEndOfFile
FileTimeToLocalFileTime
GetTimeZoneInformation
GetDriveTypeA
GetACP
GetCPInfo
GetOEMCP
IsBadCodePtr
IsBadWritePtr
VirtualAlloc
TerminateProcess
FileTimeToSystemTime
GetEnvironmentVariableA
SetEnvironmentVariableA
CompareStringW
CompareStringA
HeapCreate
SetHandleCount
GetEnvironmentStringsW
SetFilePointer
ReadFile
GetStringTypeW
GetStringTypeA
IsBadReadPtr
SetUnhandledExceptionFilter
VirtualFree
RtlUnwind
ExitProcess
GetStdHandle
GetFileType
WriteFile
LCMapStringA
HeapDestroy
SetStdHandle
FlushFileBuffers
FreeEnvironmentStringsW
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings

user32

wsprintfA
EndDialog
PeekMessageA
LoadStringA
DispatchMessageA
DialogBoxParamA
MsgWaitForMultipleObjects
MessageBoxA

comdlg32

CommDlgExtendedError
GetOpenFileNameA

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
ImpersonateSelf
OpenThreadToken
AccessCheck
RevertToSelf
AllocateAndInitializeSid
FreeSid

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc

mpr

WNetCancelConnection2A

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

sqlresld

SQLUILoadResourceDLL
SQLUIUnloadResourceDLL

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

372574125c82bc40f2b1aa64671eb685

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

mpr

version

sqlresld

Sections

.text Size: 64KB - Virtual size: 62KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 32KB

.text
Size: 64KB - Virtual size: 62KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 32KB