fd4777e29556db2bb72703044b69c7d0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fd4777e29556db2bb72703044b69c7d0_JaffaCakes118
Size

447KB
MD5

fd4777e29556db2bb72703044b69c7d0
SHA1

394ce00cc66ad3d60cda718ba7719ce224a469dd
SHA256

d274ddec1994d669a10d463fb6d169383b5e855f92d0d79c2d1274fe23fdb8d9
SHA512

6d49750b2e446afc48346d931fb2dd946f532f3a9e3bf509af646a3dc8d9bd2058a501c9fe15f09805daba998a479f6881ad712a66ccd270e9340449de9f5dc6
SSDEEP

12288:KRvlVqdbcwBu1bFW+zJon/lNdWZgJPY5Rn:KRvudbcwBIbFW+zJondLWZgJP6n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd4777e29556db2bb72703044b69c7d0_JaffaCakes118

Files

fd4777e29556db2bb72703044b69c7d0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

710af11b797d8d1fb4f29f88689a713c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

CreateIpNetEntry

kernel32

InterlockedExchange
lstrcatW
CreateFileW
UnhandledExceptionFilter
lstrcpyW
SetUnhandledExceptionFilter
FormatMessageW
CloseHandle
MultiByteToWideChar
GetDateFormatW
GetLocaleInfoW
DeviceIoControl
lstrlenW
GetModuleFileNameW
LoadLibraryW
GetVersionExA
GetCurrentProcess
GetProcAddress
LocalFree
TerminateProcess
DisableThreadLibraryCalls
lstrcpynW
GetWindowsDirectoryW
GetLastError
lstrcmpW
LocalAlloc
GetModuleHandleW
GetModuleHandleA
GetSystemPowerStatus

ntdll

NtAllocateVirtualMemory
LdrUnloadDll

user32

SetDlgItemTextW
MoveWindow
GetSystemMetrics
RegisterDeviceNotificationW
DialogBoxParamW
DestroyIcon
LoadStringW
SendMessageW
SetWindowTextW
EndDialog
GetDlgItem
WinHelpW
SendDlgItemMessageW
ScreenToClient
GetWindowRect
CharNextA
ShowWindow
SystemParametersInfoW
CharNextW
CreateDialogParamW

setupapi

SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW

advapi32

RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 401KB - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

710af11b797d8d1fb4f29f88689a713c

Headers

File Characteristics

Imports

iphlpapi

kernel32

ntdll

user32

setupapi

advapi32

Sections

.text Size: 401KB - Virtual size: 400KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 13KB - Virtual size: 920KB

.rsrc Size: 27KB - Virtual size: 26KB

.reloc Size: 512B - Virtual size: 20B

.text
Size: 401KB - Virtual size: 400KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 13KB - Virtual size: 920KB

.rsrc
Size: 27KB - Virtual size: 26KB

.reloc
Size: 512B - Virtual size: 20B