Static task: static1
Behavioral task: behavioral1
Sample: 0b68f34be8778b54ce53915ba60c3312_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 0b68f34be8778b54ce53915ba60c3312_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 0b68f34be8778b54ce53915ba60c3312_JaffaCakes118
Size: 19KB
MD5: 0b68f34be8778b54ce53915ba60c3312
SHA1: 3e5a399c8624d131df809f45a2cd79971d7e4385
SHA256: 063a350543d0adb53d4a57af4ef78ae787c1a326550aaa775ec106124100361c
SHA512: e636d41a7f9263980d65258c0026289b6472d5f51e1d738a017682638a16610ce20a96ca7e65cbc55c067feba0f98294d88b65ad5ed3ded370572b0cc02416ff
SSDEEP: 384:wvdehSglPIgyAdjq92fZiGFrWSTFJQGbwQ:wvdepPIgyAdS2fxWqJpt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0b68f34be8778b54ce53915ba60c3312_JaffaCakes118
Files
0b68f34be8778b54ce53915ba60c3312_JaffaCakes118.exe windows:4 windows x86 arch:x86
cee36d5ed5119be371385d21d59c0853
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateMutexA
AddAtomW
SizeofResource
DeviceIoControl
CreateFileMappingW
CopyFileW
VirtualAlloc
GetCurrentDirectoryW
GetLastError
lstrcatW
CreateProcessW
FindResourceA
SetFileAttributesA
CreateMutexW
CreateDirectoryA
GetCurrentProcess
MulDiv
LoadResource
GetFullPathNameW
GetComputerNameW
ExpandEnvironmentStringsA
VirtualFree
IsValidCodePage
ExitProcess
OutputDebugStringW
WriteConsoleW
LockResource
IsBadCodePtr
user32
SetWindowLongA
LoadStringW
wsprintfW
GetDlgItem
ReleaseDC
SetWindowLongW
LoadStringA
GetWindowLongW
IsWindow
GetClientRect
PostMessageW
EndPaint
SendMessageW
GetSystemMetrics
GetWindowLongA
KillTimer
TranslateMessage
SetCursor
EnableWindow
BeginPaint
EndDialog
GetParent
GetDC
CharNextW
MessageBoxW
CharNextA
InvalidateRect
GetSysColor
DestroyWindow
MessageBoxA
CreateWindowExA
SetWindowPos
SendMessageA
DispatchMessageA
SetFocus
ShowWindow
UpdateWindow
SetTimer
GetDesktopWindow
wsprintfA
PostQuitMessage
advapi32
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyExW
InitializeSecurityDescriptor
AllocateAndInitializeSid
RegCreateKeyExA
RegCreateKeyExW
OpenProcessToken
RegQueryValueExW
RegSetValueExW
RegEnumValueW
RegDeleteValueW
RegDeleteKeyA
RegSetValueExA
RegQueryInfoKeyW
RegDeleteKeyW
FreeSid
RegEnumKeyExW
GetTokenInformation
OpenThreadToken
CloseServiceHandle
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
ole32
CoCreateInstanceEx
rsaenh
CPCreateHash
CPHashData
CPSetProvParam
CPDeriveKey
CPSetKeyParam
CPEncrypt
CPGetHashParam
CPReleaseContext
CPExportKey
CPDestroyKey
CPDestroyHash
CPDuplicateHash
DllUnregisterServer
CPGenKey
CPDuplicateKey
CPGetKeyParam
DllRegisterServer
CPDecrypt
CPVerifySignature
CPGetProvParam
CPHashSessionKey
CPGetUserKey
CPGenRandom
CPSetHashParam
shell32
PickIconDlg
DriveType
DAD_DragEnterEx
DllCanUnloadNow
IsNetDrive
SHCoCreateInstance
SHDefExtractIconW
IsLFNDrive
Shell_GetImageLists
DragFinish
DragAcceptFiles
DllGetClassObject
DllInstall
PathResolve
DllUnregisterServer
DAD_DragMove
SHChangeNotifyDeregister
DllRegisterServer
DAD_DragLeave
Shell_MergeMenus
PifMgr_OpenProperties
DllGetVersion
GetFileNameFromBrowse
Shell_GetCachedImageIndex
SHStartNetConnectionDialogW
SHILCreateFromPath
PathQualify
SHChangeNotifyRegister
RestartDialog
Sections
.textbss Size: - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.debug Size: 1024B - Virtual size: 646B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 808B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 1024B - Virtual size: 569B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ