f0730dbdfbb1e6ce5e063360a258ca5f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f0730dbdfbb1e6ce5e063360a258ca5f_JaffaCakes118
Size

173KB
MD5

f0730dbdfbb1e6ce5e063360a258ca5f
SHA1

379b677a2b9aa149de798250ae57187731bb082f
SHA256

5e97668ce698bf2e35e5fc84fab8e60b174e3788307cfd2aaf01556f645b1fc4
SHA512

0ee963fb4c096789ff65ee953456ce0957b4d7e23fe43d55bbac23c08769d62da39c33cfe388903820c6ae7eea635582f944724c64659c3007dcbfad9848db59
SSDEEP

1536:CFtb1zIaKEOJjMRLHS9uh49LZwqBmmwvkxOebHLoYkgVTr8YbcSH4Nz+O02knXzY:CFt+1qh49hoCddbt4on227ZbpV8PbLcW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0730dbdfbb1e6ce5e063360a258ca5f_JaffaCakes118

Files

f0730dbdfbb1e6ce5e063360a258ca5f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ccaa6572de429d0b3796884f6f079d0d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList

mpr

WNetOpenEnumW

powrprof

GetPwrCapabilities

kernel32

lstrcatW
CreateFileW
MultiByteToWideChar
GetModuleHandleA
GetDateFormatW
GetModuleHandleW
InterlockedExchange
GetProcAddress
DisableThreadLibraryCalls
TerminateProcess
GetVersionExA
GetLastError
SetUnhandledExceptionFilter
FormatMessageW
DeviceIoControl
lstrcpynW
GetModuleFileNameW
LocalAlloc
LoadLibraryW
lstrcmpW
LocalFree
UnhandledExceptionFilter
GetLocaleInfoW
lstrcpyW
lstrlenW
GetWindowsDirectoryW
GetCurrentProcess
GetSystemPowerStatus
CloseHandle

msvcrt

_except_handler3

user32

GetSystemMetrics
ScreenToClient
MoveWindow
WinHelpW
GetDlgItem
SystemParametersInfoW
CharNextW
RegisterDeviceNotificationW
CreateDialogParamW
GetWindowRect
SendMessageW
SendDlgItemMessageW
LoadStringW
EndDialog
ShowWindow
DialogBoxParamW
SetWindowTextW
CharNextA
SetDlgItemTextW
DestroyIcon

advapi32

RegQueryValueExA
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyExA

ntdll

NtAllocateVirtualMemory
LdrLoadDll

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 211B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccaa6572de429d0b3796884f6f079d0d

Headers

File Characteristics

Imports

setupapi

mpr

powrprof

kernel32

msvcrt

user32

advapi32

ntdll

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 512B - Virtual size: 211B

.data Size: 10KB - Virtual size: 72KB

.reloc Size: 512B - Virtual size: 20B

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 512B - Virtual size: 211B

.data
Size: 10KB - Virtual size: 72KB

.reloc
Size: 512B - Virtual size: 20B

.rsrc
Size: 10KB - Virtual size: 10KB