05c271af0f70f972a61fc288a4459fd4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

05c271af0f70f972a61fc288a4459fd4_JaffaCakes118
Size

233KB
MD5

05c271af0f70f972a61fc288a4459fd4
SHA1

cb5f9570135ec8e1f99e82baf83e1ce82c754264
SHA256

be02ffd5a23d553ab1e0a65092cc2127fddd4a7567b5ce0e7528fcffeccacc30
SHA512

f2dd776c859a943b2c5b92a73a8f1c5a4541ca6c052159b6a68d606e20de0ff20151a86e8faf107e816b1ddd9801e3e2865af232c30cc4a94726a7c4fc05faae
SSDEEP

3072:CFt+1Vuqz6DWBAIJhBRn/8Xxvu5frWy28rT:6QGqzWWWGn/IMf6yTf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05c271af0f70f972a61fc288a4459fd4_JaffaCakes118

Files

05c271af0f70f972a61fc288a4459fd4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ccaa6572de429d0b3796884f6f079d0d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList

mpr

WNetOpenEnumW

powrprof

GetPwrCapabilities

kernel32

lstrcatW
CreateFileW
MultiByteToWideChar
GetModuleHandleA
GetDateFormatW
GetModuleHandleW
InterlockedExchange
GetProcAddress
DisableThreadLibraryCalls
TerminateProcess
GetVersionExA
GetLastError
SetUnhandledExceptionFilter
FormatMessageW
DeviceIoControl
lstrcpynW
GetModuleFileNameW
LocalAlloc
LoadLibraryW
lstrcmpW
LocalFree
UnhandledExceptionFilter
GetLocaleInfoW
lstrcpyW
lstrlenW
GetWindowsDirectoryW
GetCurrentProcess
GetSystemPowerStatus
CloseHandle

msvcrt

_except_handler3

user32

GetSystemMetrics
ScreenToClient
MoveWindow
WinHelpW
GetDlgItem
SystemParametersInfoW
CharNextW
RegisterDeviceNotificationW
CreateDialogParamW
GetWindowRect
SendMessageW
SendDlgItemMessageW
LoadStringW
EndDialog
ShowWindow
DialogBoxParamW
SetWindowTextW
CharNextA
SetDlgItemTextW
DestroyIcon

advapi32

RegQueryValueExA
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyExA

ntdll

NtAllocateVirtualMemory
LdrLoadDll

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 211B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccaa6572de429d0b3796884f6f079d0d

Headers

File Characteristics

Imports

setupapi

mpr

powrprof

kernel32

msvcrt

user32

advapi32

ntdll

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 512B - Virtual size: 211B

.data Size: 10KB - Virtual size: 72KB

.reloc Size: 512B - Virtual size: 20B

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 512B - Virtual size: 211B

.data
Size: 10KB - Virtual size: 72KB

.reloc
Size: 512B - Virtual size: 20B

.rsrc
Size: 10KB - Virtual size: 10KB