0769579611a9b9a0e77191c778f7bbf7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0769579611a9b9a0e77191c778f7bbf7_JaffaCakes118
Size

53KB
MD5

0769579611a9b9a0e77191c778f7bbf7
SHA1

d8dce5a93bc09333142d1fdf3d43a4d69778df63
SHA256

b4945e6f4d6cd81e23e294a2bc202f079c5982a067c1790eb5d88cb8ebd1a3b5
SHA512

9d8d4cbe17d011b721469ebc8191eac6f30365b9c039feabc77ea6eb00285c01f19c4c20517028fb99e0343c3df5b2c4c2106c03f79077d2c915deb990d8b790
SSDEEP

1536:HNVROM7UZdWiMaVIef6Bj9JMWEQ8Z9enLzZeUW:HNVwM7UhBfEx8ZqzZeb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0769579611a9b9a0e77191c778f7bbf7_JaffaCakes118

Files

0769579611a9b9a0e77191c778f7bbf7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baa9046b63b8e28af6f2426e9cce985f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA

shlwapi

PathBuildRootW
StrChrW
PathRemoveFileSpecW
PathAppendW
PathAddBackslashW
StrRChrW
StrStrIW
PathFileExistsW
PathCombineW

advapi32

FreeSid
LookupPrivilegeValueW
RegSetValueExW
GetTokenInformation
RegFlushKey
RegDeleteKeyW
RegCloseKey
RegQueryInfoKeyW
RegEnumValueW
RegSaveKeyW
AdjustTokenPrivileges
RegOpenKeyExW
RegSetValueW
RegEnumKeyW
EqualSid
AllocateAndInitializeSid
RegUnLoadKeyW
OpenProcessToken
RegDeleteValueW
RegOpenKeyExA
RegQueryValueExW
RegQueryValueExA
RegLoadKeyW
RegCreateKeyExW

msvcrt

memset
_wcsnicmp
_wcsicmp
longjmp
free
_amsg_exit
_wtol
memmove
_ultow
_initterm
_XcptFilter
_vsnprintf
malloc
memcpy
_vsnwprintf
_adjust_fdiv
bsearch
_wtoi
_setjmp3

rpcrt4

RpcStringFreeW

ntdll

RtlAdjustPrivilege
NtAllocateVirtualMemory

setupapi

SetupGetLineTextW
SetupDefaultQueueCallbackW
SetupQueueCopyW
SetupFindFirstLineW
SetupCloseInfFile
SetupTermDefaultQueueCallback
SetupSetDirectoryIdW
SetupFindNextLine
SetupInstallFromInfSectionW
SetupOpenInfFileW
SetupCloseFileQueue
SetupOpenFileQueue
SetupOpenAppendInfFileW
SetupCommitFileQueueW
SetupGetStringFieldW
SetupInitDefaultQueueCallbackEx

ole32

OleInitialize
CoTaskMemFree
OleUninitialize

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

oleaut32

VariantClear

gdi32

GetObjectW
GetDeviceCaps
CreateFontIndirectW
DeleteObject
GetStockObject

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

baa9046b63b8e28af6f2426e9cce985f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

advapi32

msvcrt

rpcrt4

ntdll

setupapi

ole32

version

oleaut32

gdi32

Sections

.text Size: 4KB - Virtual size: 3KB

.rsrc Size: 12KB - Virtual size: 11KB

.data Size: 5KB - Virtual size: 72KB

.reloc Size: 512B - Virtual size: 24B

.rdata Size: 31KB - Virtual size: 33KB

.text
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 12KB - Virtual size: 11KB

.data
Size: 5KB - Virtual size: 72KB

.reloc
Size: 512B - Virtual size: 24B

.rdata
Size: 31KB - Virtual size: 33KB