00d1c3f4aeeb99e9e9038ab00542dc63_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

00d1c3f4aeeb99e9e9038ab00542dc63_JaffaCakes118
Size

201KB
MD5

00d1c3f4aeeb99e9e9038ab00542dc63
SHA1

8c516b6d47e506352197dd18f025c2ddbc375f07
SHA256

e16b8004e6284e6acb0c4fe73e975860a12ba5b4156fbe45be9023e036ecee0a
SHA512

3997da17cc4dd833b08e27ac2490da9dd191b419b8a3181c6d020dc8f8bfb5ca9e8e55fc4f29465f9f3afe9db457cf5dbd0d8f044484915da32a030a0dc3b6fe
SSDEEP

6144:2pPVLbqyKtW3Kpk8rw60Jm7DTcREEmhF9EC93t7i:4VLLwrh6UDIEEmt3s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00d1c3f4aeeb99e9e9038ab00542dc63_JaffaCakes118

Files

00d1c3f4aeeb99e9e9038ab00542dc63_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c3ec25fc5c547469e11d9637de295b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowScrollBar
ChildWindowFromPoint
OpenDesktopA
EnumPropsW
GetMessagePos
GetLastActivePopup
RemovePropA
GetDialogBaseUnits
SendMessageTimeoutA
SetPropA
GetDC

wininet

InternetCreateUrlW
FtpCommandA

advapi32

RegLoadKeyA
InitializeSecurityDescriptor
RegRestoreKeyA
RegCreateKeyExA
CryptGetHashParam
AbortSystemShutdownW
RegConnectRegistryA
RegDeleteKeyW
RegCreateKeyA

comdlg32

GetOpenFileNameW
ChooseFontW
GetFileTitleA
ChooseColorW

kernel32

GetFileType
InitializeCriticalSection
LCMapStringA
GetModuleHandleA
SetLocaleInfoW
CreateMailslotW
MultiByteToWideChar
GetStringTypeA
HeapDestroy
HeapFree
OpenFileMappingW
ReadFile
GetSystemTimeAsFileTime
FreeLibraryAndExitThread
WideCharToMultiByte
RtlUnwind
VirtualProtectEx
HeapAlloc
LoadLibraryA
IsBadWritePtr
GetStdHandle
EnumDateFormatsA
GetLastError
GetTickCount
VirtualFree
IsValidCodePage
GetVersion
VirtualQuery
GetCurrentProcess
SetEnvironmentVariableA
SetHandleCount
GetEnvironmentStrings
SetLastError
GetStartupInfoA
TlsSetValue
FindClose
VirtualAlloc
FreeEnvironmentStringsA
GetACP
WriteFile
DeleteCriticalSection
GetProcessShutdownParameters
GetCurrentThreadId
ExitProcess
FindNextFileW
WriteProfileSectionW
GetCurrentProcessId
WritePrivateProfileStringA
GetCurrentDirectoryA
TlsFree
LCMapStringW
GetStringTypeW
GetLongPathNameA
ReadConsoleOutputCharacterW
InitializeCriticalSectionAndSpinCount
GetCurrentThread
TerminateProcess
UnhandledExceptionFilter
GetDiskFreeSpaceExW
EnterCriticalSection
HeapCreate
QueryPerformanceCounter
FreeEnvironmentStringsW
TlsGetValue
InterlockedExchange
GetProcAddress
GetCommandLineA
HeapReAlloc
LeaveCriticalSection
GlobalAlloc
GetModuleFileNameA
GetCPInfo
GetOEMCP
CreateSemaphoreW
GetEnvironmentStringsW
TlsAlloc

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c3ec25fc5c547469e11d9637de295b2

Headers

File Characteristics

Imports

user32

wininet

advapi32

comdlg32

kernel32

Sections

.text Size: 93KB - Virtual size: 93KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 93KB - Virtual size: 93KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 3KB - Virtual size: 2KB