Static task: static1
Behavioral task: behavioral1
Sample: df34edcbda6c7ee98429e6aae3148392_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: df34edcbda6c7ee98429e6aae3148392_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: df34edcbda6c7ee98429e6aae3148392_JaffaCakes118
Size: 294KB
MD5: df34edcbda6c7ee98429e6aae3148392
SHA1: d12e3857a77fa28014a84d67df2215cfc1d03dce
SHA256: 01d0754152ca0d635173e0300f5b819dcc079cdd725e5471abec8157ddb45c44
SHA512: 8128cf34ed4edfd44ed4b3e055931ea52d65ecace9e433503e71e43534aeb0571140f59c56c48583f7d3c8c33b0123f86e02fd4e0021e2995007f59b6db012ea
SSDEEP: 3072:zoCrle50J2MsJLC6L/Znf2vbJYQp6Z1l2MV/gth+9X1AqSrBGMgO8CDd0yZDd/YE:8Cr8a2MujZQNNMZ1NItY7n4HIsx/YSC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource df34edcbda6c7ee98429e6aae3148392_JaffaCakes118
Files
df34edcbda6c7ee98429e6aae3148392_JaffaCakes118.exe windows:4 windows x86 arch:x86
66817a435dacecb7579ad283e69f5317
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteConsoleOutputCharacterA
_lopen
OpenSemaphoreW
SetVolumeLabelA
VirtualAllocEx
lstrcmpiA
GetDateFormatA
ReadFileScatter
EraseTape
SetFileTime
SetLastError
FreeResource
ExitProcess
CreateNamedPipeW
SetErrorMode
SizeofResource
_lread
SetEvent
IsBadWritePtr
GetLargestConsoleWindowSize
GetFileAttributesA
EnumResourceLanguagesW
CreateEventA
IsDBCSLeadByteEx
PeekConsoleInputW
GlobalFindAtomW
GetLogicalDriveStringsA
LocalAlloc
SetConsoleOutputCP
SetThreadLocale
FindNextChangeNotification
GetCurrentProcess
SetEnvironmentVariableA
FreeLibraryAndExitThread
FillConsoleOutputCharacterA
GetCommandLineA
VirtualAlloc
GetCommandLineW
user32
SubtractRect
GetClipboardFormatNameA
FindWindowExW
TranslateMessage
LoadImageA
gdi32
GetTextExtentPointA
TranslateCharsetInfo
GetObjectA
comdlg32
ChooseColorA
GetFileTitleW
GetSaveFileNameA
advapi32
ReportEventW
CryptVerifySignatureW
RegSetValueA
InitiateSystemShutdownA
CreateServiceW
SetPrivateObjectSecurity
OpenServiceA
CryptGenRandom
RegEnumKeyW
GetSecurityDescriptorSacl
SetEntriesInAclW
RegEnumKeyExA
RegSetValueExW
GetFileSecurityA
CryptVerifySignatureA
LookupPrivilegeValueW
RegSetKeySecurity
RegisterServiceCtrlHandlerA
FreeSid
SetNamedSecurityInfoA
ObjectDeleteAuditAlarmW
RegReplaceKeyW
InitializeSecurityDescriptor
StartServiceCtrlDispatcherW
LookupAccountNameA
RegOpenKeyW
DeregisterEventSource
RegCreateKeyW
SetSecurityDescriptorSacl
LogonUserA
QueryServiceConfigW
MapGenericMask
shell32
SHFileOperationW
FindExecutableW
Shell_NotifyIconA
ole32
OleConvertIStorageToOLESTREAM
ReadClassStg
WriteClassStg
GetClassFile
OleIsRunning
OleCreateMenuDescriptor
oleaut32
VariantChangeType
comctl32
ImageList_ReplaceIcon
ImageList_LoadImageW
ImageList_DrawEx
shlwapi
PathIsUNCW
StrStrIA
SHRegOpenUSKeyW
SHRegGetBoolUSValueA
PathCombineA
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 287KB - Virtual size: 287KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE