07cdc68cb6bfdc5609242ead402559e8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07cdc68cb6bfdc5609242ead402559e8_JaffaCakes118
Size

856KB
MD5

07cdc68cb6bfdc5609242ead402559e8
SHA1

b8800fc21b03b098c60f7cc6960e500ec52b2359
SHA256

a31785f9a615df627158722a53d37dcd942c7f8064874dbd9cd1e6f24e43d3ba
SHA512

84177076cf3ad08430db86b2aa315e4a55d5caf6db96a3d3f319857204020d338e08045d606e558287add59f87fd181ee32813146f97cc59f055ddc60668c994
SSDEEP

24576:1NeUOS7NeYvEURRRNg6+yzhOG7sQZlaqSt4m7q:1NeUOOeYv9RpB+HxQWT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07cdc68cb6bfdc5609242ead402559e8_JaffaCakes118

Files

07cdc68cb6bfdc5609242ead402559e8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f6e2816999962cc88d255412041585dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BringWindowToTop
SendMessageW
ScreenToClient
SetWindowLongA
RegisterWindowMessageA
SystemParametersInfoW
KillTimer
UnregisterClassA
GetMessageTime
LoadMenuW
SetClipboardData
GetWindowLongA
GetWindowPlacement
LoadCursorA
DrawFocusRect
EndPaint
IsDialogMessageW
GetMessageA
GetForegroundWindow
SetWindowsHookExA
DrawEdge
IsRectEmpty
RegisterWindowMessageW
CopyRect
IsChild
wsprintfA
OpenClipboard
MessageBoxA
GetDC
GetCapture
GetSysColorBrush
SystemParametersInfoA

kernel32

lstrlenA
GetModuleHandleW
HeapDestroy
EnumSystemLocalesA
GetCurrentThread
SetConsoleCtrlHandler
GetLocaleInfoW
HeapSize
EnterCriticalSection
IsDebuggerPresent
GetThreadLocale
LocalFileTimeToFileTime
CreateSemaphoreW
SetEvent
FlushInstructionCache
LoadLibraryExA
lstrcmpW
LocalAlloc
GetSystemDefaultLCID
UnlockFile
GetFileType
GetProcessHeap
GetStartupInfoW
LeaveCriticalSection
lstrcmpA
GetModuleHandleA
LoadLibraryW
LocalReAlloc
MulDiv
GetEnvironmentVariableA
GetTimeZoneInformation
OutputDebugStringW
VirtualAlloc
GetCommandLineW
OpenEventW
TlsFree
GetDriveTypeA
CopyFileA
DeleteCriticalSection
GetEnvironmentStringsA
LoadLibraryA
GetCurrentProcess
LCMapStringA

advapi32

OpenSCManagerW
ReportEventW
RegCloseKey
OpenServiceW
RegOpenKeyA
RegCreateKeyExA
AllocateAndInitializeSid
GetLengthSid
AddAccessAllowedAce
RegQueryInfoKeyW
RegEnumValueW

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 338KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 348KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6e2816999962cc88d255412041585dc

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

advapi32

Sections

.text Size: 166KB - Virtual size: 166KB

.rdata Size: 338KB - Virtual size: 337KB

.data Size: 348KB - Virtual size: 1.8MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 166KB - Virtual size: 166KB

.rdata
Size: 338KB - Virtual size: 337KB

.data
Size: 348KB - Virtual size: 1.8MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB