efc97d9a175289fa0287e133bba09045_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

efc97d9a175289fa0287e133bba09045_JaffaCakes118
Size

670KB
MD5

efc97d9a175289fa0287e133bba09045
SHA1

1c90253bc990b47cb4edfd46aff1037be60b5ad7
SHA256

930c4445113e3459ba6ac1c5144ae0fe9d1af640fc7d1c9b16a706d0ee66cbb8
SHA512

31ae87df4d9196d3013c51c40682c49c1f3bb6a3de8947db8daabc6d00424f41addcd1f2a2a295d3040c76dd640c022b53349e7df801fe56c1d9eee95d9f8091
SSDEEP

6144:/pX0jqfEN7cEzQzCNnhRwOv4NXr6wkTgZzb3q9twT7+Wm7KfMXXtd/:mjqsqXzCNYNXruTIzb3q6+WkhdN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efc97d9a175289fa0287e133bba09045_JaffaCakes118

Files

efc97d9a175289fa0287e133bba09045_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87d041c381dee4e874541e9dab47cb2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SafeArrayRedim

comctl32

ImageList_EndDrag
ImageList_LoadImageA
ImageList_DragMove
ImageList_Draw

kernel32

SetEvent
GetCurrentDirectoryW
FindResourceExW
SetTimeZoneInformation
GetACP
GetPrivateProfileSectionW
WritePrivateProfileStringW
GetDiskFreeSpaceExA
GlobalReAlloc
GlobalFindAtomA
VirtualQueryEx
SetErrorMode
GetModuleFileNameW
DuplicateHandle
SetThreadAffinityMask
_lclose
FindCloseChangeNotification
GetFullPathNameA
_hread
PurgeComm
OpenSemaphoreW
FlushConsoleInputBuffer
GetHandleInformation
GetShortPathNameA
lstrcpynA
ExitProcess
GetOEMCP
SetThreadLocale
RaiseException
SetConsoleTitleA
SetCurrentDirectoryA
GlobalGetAtomNameW
FormatMessageW

advapi32

CryptGetHashParam
InitiateSystemShutdownW
GetAce
DeleteService
RegEnumValueW
IsValidAcl
AddAccessAllowedAce
AllocateLocallyUniqueId
OpenProcessToken
BuildTrusteeWithNameW
RegQueryInfoKeyA
EnumServicesStatusA
SetFileSecurityW
ObjectDeleteAuditAlarmW
AdjustTokenPrivileges
CryptEncrypt
NotifyBootConfigStatus
CryptExportKey
AddAce
CloseServiceHandle

ole32

OleCreateMenuDescriptor
CoCreateInstance
CoGetTreatAsClass
CoGetObject

user32

DispatchMessageW
GetKeyboardType
VkKeyScanA
MessageBoxExA
DrawTextW
ToAscii
BeginPaint
UnregisterDeviceNotification
RegisterClipboardFormatW

Sections

.text
Size: 331KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 325KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/DIALOG/102
.rsrc/DIALOG/105
.rsrc/DIALOG/106
.rsrc/DIALOG/107
.rsrc/DIALOG/111
.rsrc/GROUP_ICON/103
.rsrc/ICON/1.ico
.rsrc/ICON/2.ico
.rsrc/ICON/3.ico
.rsrc/MANIFEST/1
.xml
.text

Sharing

General

Malware Config

Signatures

Files

87d041c381dee4e874541e9dab47cb2c

Headers

File Characteristics

Imports

oleaut32

comctl32

kernel32

advapi32

ole32

user32

Sections

.text Size: 331KB - Virtual size: 331KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 325KB - Virtual size: 325KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 331KB - Virtual size: 331KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 325KB - Virtual size: 325KB

.rsrc
Size: 10KB - Virtual size: 9KB