f8a738296c04cc3e8f8ae3222cea52ad_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f8a738296c04cc3e8f8ae3222cea52ad_JaffaCakes118
Size

323KB
MD5

f8a738296c04cc3e8f8ae3222cea52ad
SHA1

99791d54deffb0ca8fb9ed6956ed05097f2fbd6f
SHA256

1d61aeb3598e592dfaf9f663d1a79e96d9ddb787cc48043c92f3279538da7de9
SHA512

c4e969de885027c9053e419281c03176a4ac74cf3014fc7afe86403996776b4359657d4b0a9360f8eeaa97782300ec4af6d22a8a5f2b789703f0cadf58caf686
SSDEEP

1536:3sd1XVvJzpp4K/YOaHEa51k90QTbZUBTBeidkV2MPUaV0SfnPWrhGU:3sbFvJu1/GP+B97MPDTWr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8a738296c04cc3e8f8ae3222cea52ad_JaffaCakes118

Files

f8a738296c04cc3e8f8ae3222cea52ad_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cf4e91f5d4cb6c5188dd899aea9f0eb2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

DFM1gCeg

Imports

rasapi32

RasGetConnectStatusA
RasGetProjectionInfoA

ws2_32

WSACleanup

winscard

SCardLocateCardsW

oleaut32

VarBstrFromBool
UnRegisterTypeLi
GetActiveObject

user32

DialogBoxParamW
TrackPopupMenu
MessageBeep
GetMessagePos
DrawCaption
CharLowerBuffW
GetInputState
GetDialogBaseUnits
wsprintfA
GetMessageExtraInfo

iphlpapi

GetNetworkParams

winspool.drv

FindNextPrinterChangeNotification

opengl32

glMultMatrixd
glBegin

gdi32

SetDCPenColor
ModifyWorldTransform
ExtSelectClipRgn
GetTextCharset
AddFontResourceA

shlwapi

PathSetDlgItemPathW

ole32

OleCreateFromData
CLSIDFromString
OleCreateStaticFromData

kernel32

GetModuleFileNameA
EnterCriticalSection
FlsFree
EnumSystemLocalesW
GetTempPathW
GetBinaryTypeA

advapi32

LogonUserA
AddAuditAccessAceEx
GetFileSecurityW
ReadEventLogA
RegCloseKey
DuplicateToken

crypt32

CertNameToStrA
CryptSIPLoad
CryptMemRealloc
CertGetSubjectCertificateFromStore

msvcrt

fgetwc

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf4e91f5d4cb6c5188dd899aea9f0eb2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

rasapi32

ws2_32

winscard

oleaut32

user32

iphlpapi

winspool.drv

opengl32

gdi32

shlwapi

ole32

kernel32

advapi32

crypt32

msvcrt

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 2KB - Virtual size: 1KB

.pdata Size: 2KB - Virtual size: 6KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 200KB - Virtual size: 199KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 2KB - Virtual size: 1KB

.pdata
Size: 2KB - Virtual size: 6KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 200KB - Virtual size: 199KB

.rsrc
Size: 16KB - Virtual size: 15KB