10853eb79c46a755b1b85653002ebc3c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

10853eb79c46a755b1b85653002ebc3c_JaffaCakes118
Size

162KB
MD5

10853eb79c46a755b1b85653002ebc3c
SHA1

13284a677288c9101fa0928b50d62283519e4f9c
SHA256

6c360e37e1930ce8d30d40e685e6b0657f4a90d5347577c793b43be359b21b13
SHA512

be4766e522edcb030babe5fa10ae14b17855d466ecaa83d260c1be7360cada2291cbbe389e9e8d078edf1cb6b0a09f3d9e25b6973d84b5e749b941cf68bf7b35
SSDEEP

3072:r+gWfaJ+M/2zsOYyKiHVOH8ep/vzQp45POuYfJZozp/d18:r+gWfahIHE84DE45POuYfJZob1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10853eb79c46a755b1b85653002ebc3c_JaffaCakes118

Files

10853eb79c46a755b1b85653002ebc3c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de8263a7618db8c81ba73ad6e317397b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msacm32

acmMetrics
acmStreamConvert
acmStreamUnprepareHeader
acmFormatTagDetailsW
acmFormatChooseW
acmFormatSuggest
acmGetVersion
acmStreamOpen
acmStreamSize
acmStreamPrepareHeader
acmFormatDetailsW
acmStreamClose

msvfw32

ICDecompress
ICCompressorFree
ICCompress
ICSendMessage
ICOpen
ICGetInfo
ICClose
ICGetDisplayFormat
ICCompressorChoose

ole32

ReleaseStgMedium
CoUnmarshalInterface
OleGetClipboard
OleFlushClipboard
CoCreateInstance
CoGetMalloc
OleInitialize
CoGetMarshalSizeMax
OleUninitialize
CreateStreamOnHGlobal
OleSetClipboard
CoMarshalInterface

kernel32

GetModuleHandleA
GetSystemTimeAsFileTime
GetFullPathNameW
GetOverlappedResult
GlobalAlloc
lstrcpyA
GlobalSize
lstrlenA
GetTickCount
SetUnhandledExceptionFilter
LocalFree
InitializeCriticalSection
MulDiv
GetFileSize
LoadLibraryW
EnterCriticalSection
lstrcatA
GlobalUnlock
GetCurrentProcessId
GlobalReAlloc
LocalAlloc
lstrcpynW
lstrcmpW
QueryPerformanceCounter
DeleteCriticalSection
LeaveCriticalSection
GlobalFree
GetDiskFreeSpaceW
MultiByteToWideChar
lstrcpyW
WriteFile
WideCharToMultiByte
SetErrorMode
ResetEvent
CreateFileW
CloseHandle
GetLastError
IsBadReadPtr
ReadFile
GetLocaleInfoA

user32

SetDlgItemTextW
wsprintfW
SetRect
EndDialog
CharPrevW
LoadStringW
PeekMessageW
ReleaseDC
CheckDlgButton
EnableWindow
MessageBeep
DestroyWindow
MessageBoxW
DialogBoxParamW
TranslateMessage
SendDlgItemMessageW
IsRectEmpty
SetRectEmpty
SetDlgItemInt
SendMessageW
IsDlgButtonChecked
GetDlgItem
GetDC

msvcrt

_initterm
__set_app_type
free
_adjust_fdiv
_vsnwprintf
__getmainargs
malloc
atoi
_purecall
__p__commode
exit
mbstowcs
??2@YAPAXI@Z
??3@YAXPAX@Z
_ftol
memmove

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegQueryValueW
RegEnumKeyW
RegOpenKeyW

winmm

mmioRead
mmioWrite
mmioClose
mmioOpenW
mmioSeek

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de8263a7618db8c81ba73ad6e317397b

Headers

File Characteristics

Imports

msacm32

msvfw32

ole32

kernel32

user32

msvcrt

advapi32

winmm

Sections

.text Size: 111KB - Virtual size: 110KB

.idata Size: 20KB - Virtual size: 19KB

.idata Size: 6KB - Virtual size: 6KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 111KB - Virtual size: 110KB

.idata
Size: 20KB - Virtual size: 19KB

.idata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 23KB - Virtual size: 23KB