Static task
static1
Behavioral task
behavioral1
Sample
05df670a6c1986d5e412e4a20a654a7a_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
05df670a6c1986d5e412e4a20a654a7a_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
05df670a6c1986d5e412e4a20a654a7a_JaffaCakes118
Size
197KB
MD5
05df670a6c1986d5e412e4a20a654a7a
SHA1
8ebe7570a0abca4c700dfff3abfe1c55f2a342ec
SHA256
1ee8397a1283fdcc65de9e747b27f138b6358c62809b379bb9770df48ee80d65
SHA512
c4527255e9bab324a00a3647e8b9038cda224424bded6030fd57395536a5a6fa25febc4a43845460e4ebd6639568997617a4edd9c603ee0d7d9c8d64196ea090
SSDEEP
3072:d5F9V8twX37t/Hkr6aQD83IKdS/uVWCxrzlyRyGdQnMKEIEbvFGfpXK+rKA6:dJO+37BC6R8TbrzEMsmMKEIEBS6FV
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 05df670a6c1986d5e412e4a20a654a7a_JaffaCakes118
Files
05df670a6c1986d5e412e4a20a654a7a_JaffaCakes118.exe windows:4 windows x86 arch:x86
7530b9bec6504e0d8e6f91fe2d0b2687
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
EnumFontFamiliesExA
kernel32
SetStdHandle
GetDiskFreeSpaceExA
GetShortPathNameW
WritePrivateProfileSectionW
PeekNamedPipe
GetSystemDirectoryW
WriteFile
VirtualAlloc
GetCommandLineA
GetTapeParameters
GetLocaleInfoW
EnumCalendarInfoA
MoveFileExA
GetCPInfo
GenerateConsoleCtrlEvent
GetDriveTypeW
Beep
CreateDirectoryExA
CreateDirectoryW
LocalLock
_hread
ExitProcess
GetDiskFreeSpaceW
LocalFileTimeToFileTime
FindCloseChangeNotification
EnumDateFormatsW
GetFullPathNameA
SetCurrentDirectoryA
user32
SetTimer
SetWindowTextW
ReplyMessage
EndMenu
ToAscii
GetMessagePos
SetParent
InsertMenuA
GetUserObjectSecurity
SendMessageW
ScrollWindowEx
GetDlgItemInt
SetWindowRgn
SetLastErrorEx
CopyIcon
LoadImageW
advapi32
LookupAccountSidW
RegEnumKeyA
RegisterServiceCtrlHandlerW
RegLoadKeyA
DeleteService
QueryServiceConfigA
RegOpenKeyExW
DeleteAce
CryptGetKeyParam
AdjustTokenPrivileges
InitiateSystemShutdownW
LookupAccountNameW
ImpersonateLoggedOnUser
LogonUserA
RegUnLoadKeyA
StartServiceCtrlDispatcherA
GetSidLengthRequired
RegCreateKeyExA
QueryServiceStatus
SetSecurityInfo
ws2_32
WSACleanup
WSALookupServiceNextW
WSASocketW
closesocket
WSALookupServiceBeginA
WSASetServiceW
ioctlsocket
WSAStringToAddressA
inet_addr
sendto
select
version
GetFileVersionInfoA
ole32
CoMarshalInterThreadInterfaceInStream
CoUninitialize
CoCreateInstance
OleGetIconOfClass
GetClassFile
shell32
DragQueryPoint
ExtractIconA
SHGetSpecialFolderPathA
SHBrowseForFolderA
Shell_NotifyIconA
oleaut32
SafeArrayRedim
msvcrt
putchar
_mbsstr
setvbuf
fflush
_ltow
_cwait
_wsplitpath
_wsopen
_wsetlocale
fclose
vwprintf
_wcsicoll
_wchmod
_mbsnbcpy
_open_osfhandle
_mbsinc
strstr
asctime
_mbsncmp
_umask
strpbrk
_mbsnicmp
_wputenv
_putws
_mbctoupper
toupper
ceil
_mbscpy
atol
_tzset
_splitpath
wcscpy
_wfsopen
_mbscat
localtime
_wstrtime
_getpid
_strncoll
wcscmp
_mbsicmp
_wtoi
vprintf
Sections
.text Size: 192KB - Virtual size: 192KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ