f68dd07ca3e255834006d8f44d160e8d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f68dd07ca3e255834006d8f44d160e8d_JaffaCakes118
Size

227KB
MD5

f68dd07ca3e255834006d8f44d160e8d
SHA1

6f92236b048c2008a19d4a61af6490a5f4cc6ef3
SHA256

456df0f8c48c0d6ee1c382e6795abe2c7777b39615f70e9db070afc9137064cc
SHA512

6e499bba3e2c2d036b4904edfa4afc3e3ba7f4b534268383e5eb68eed271f458bb9d3321d05239a2dfd3d6f22f0abdd16e2ae3db8d1e24d5c6913fa862d80810
SSDEEP

3072:P8xW7VTCsVmuz+Ydh7f/+fmItroNaCKMz5LEK8sdf:HNH1znJfGfptrqgvy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f68dd07ca3e255834006d8f44d160e8d_JaffaCakes118

Files

f68dd07ca3e255834006d8f44d160e8d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b021312ff841a73ba19de6936dd2a6a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetProcessWorkingSetSize
VerSetConditionMask
SetFileValidData
PeekConsoleInputA
SetConsoleCursor
RtlZeroMemory
CloseHandle
RtlUnwind
RtlMoveMemory
RtlFillMemory
RtlCaptureContext
RtlCaptureStackBackTrace
CommConfigDialogW
WritePrivateProfileStructA

ntdll

RtlSecondsSince1980ToTime
RtlLockHeap
RtlNewSecurityGrantedAccess

user32

ClientToScreen

ole32

CoFreeLibrary
SNB_UserFree

advapi32

SetSecurityDescriptorDacl

gdi32

CreateHatchBrush
GetPixel
GetSystemPaletteUse
GetTextCharacterExtra
SetPixelV
ExtFloodFill

ntdsapi

DsCrackNamesW

ddraw

DirectDrawEnumerateA

Exports

Exports

D3tY
FfBzBrMxFzYU8bnuAaF5CY
Fwiv6o8L
ORbMgfPEIyuaK32FqYu0
R1Lo6kRa4RUj
e9Zvbtw65znan0JvTplsFz
lnSmsM1ZjvQUZs1zO

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b021312ff841a73ba19de6936dd2a6a9

Headers

File Characteristics

Imports

kernel32

ntdll

user32

ole32

advapi32

gdi32

ntdsapi

ddraw

Exports

Exports

Sections

.text Size: 158KB - Virtual size: 158KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 19KB - Virtual size: 302KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 158KB - Virtual size: 158KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 19KB - Virtual size: 302KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 3KB - Virtual size: 2KB