df9cd53675670d23704ba50def8ef383_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

df9cd53675670d23704ba50def8ef383_JaffaCakes118
Size

22KB
MD5

df9cd53675670d23704ba50def8ef383
SHA1

83dd10cda99e8132d65483493a0135bb11e06cef
SHA256

172f92f2b40f562f2030b4ffff5df2aeabd0a1fb02f1ea3f8a922d769246f744
SHA512

924cc6c5ee5348320d1ae2135192974f06f151b4036395660deacbbd695717b6539dc6d597a7eda11c45c3406aa9aab92a978359feb5aa3d64090240110278c8
SSDEEP

384:VWmR0bR6oo5F0WTkYFGiHWxKxAzXK3XZKDyAU9XACKlO8+NI:UmR0l6ookEN7HWxKGodKlwy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df9cd53675670d23704ba50def8ef383_JaffaCakes118

Files

df9cd53675670d23704ba50def8ef383_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd851899765bdd8a5e62f02924665e89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
OpenMutexA
FindClose
FindFirstFileA
FreeLibrary
GetProcAddress
GetCommandLineA
LoadLibraryA
WaitForSingleObject
CreateProcessA
lstrcatA
GetShortPathNameA
lstrcpynA
WritePrivateProfileStringA
CreateFileA
FindNextFileA
DeleteFileA
SetFileAttributesA
ReadFile
RemoveDirectoryA
MoveFileExA
SetCurrentDirectoryA
CopyFileA
SetFilePointer
GetWindowsDirectoryA
GetCurrentDirectoryA
GetTempPathA
GetModuleFileNameA
lstrcpyA
GetModuleHandleA
GetFileSize
ExitProcess
VirtualFree
VirtualAlloc
CompareStringA
GetFileAttributesA
lstrlenA
GetPrivateProfileStringA
Sleep
InterlockedIncrement

user32

SetWindowTextA
SetClassLongA
GetWindowRect
SetWindowPos
LoadIconA
SendMessageA
ShowWindow
EndDialog
CharToOemA
GetWindowLongA
DialogBoxParamA
GetDlgItem
EnableWindow
PostMessageA
SendDlgItemMessageA
FindWindowA
EnumWindows
GetWindowTextA
wvsprintfA
MessageBoxA
wsprintfA
SetDlgItemTextA

gdi32

RemoveFontResourceA

advapi32

RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegDeleteKeyA

shell32

SHChangeNotify

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Shared
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cd851899765bdd8a5e62f02924665e89

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 512B - Virtual size: 4B

.data Size: 512B - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 1KB

.Shared Size: 512B - Virtual size: 4B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 5KB - Virtual size: 8KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 512B - Virtual size: 4B

.data
Size: 512B - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 1KB

.Shared
Size: 512B - Virtual size: 4B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 5KB - Virtual size: 8KB