1518db73ab530bf368ad18df6ae0c423_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1518db73ab530bf368ad18df6ae0c423_JaffaCakes118
Size

53KB
MD5

1518db73ab530bf368ad18df6ae0c423
SHA1

2c5ec3296d3e89da1673e795cf4b3a1edf7ac3ba
SHA256

f7360ba92e52a71928bc219f41279edf9bb08c09b96e33167e1086726afededb
SHA512

6659cf40b0f585e7cc996d8d812f4e5ca7b670c337780d41e4d941f9272bf15fbd7e5b072466338f6b79d0f2e811ccbc121d0d79377e0b12f501060cd67c527d
SSDEEP

768:fvf4KiEEsmXM79yCjP7snwwCcZ3CBzUi0JcZ4CkC5HVYPCUy:fvQztzeQnEe+0JcLHyP8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1518db73ab530bf368ad18df6ae0c423_JaffaCakes118

Files

1518db73ab530bf368ad18df6ae0c423_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ef33879c39091d5d0cfb8ed69732039a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateJobObjectW
CreateJobObjectA
CreateIoCompletionPort
CreateHardLinkW
CreateHardLinkA
CreateFileW
CreateFileMappingW
EnumResourceTypesA
CreateFileA
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
GetModuleHandleA
EnumResourceTypesW
FindVolumeMountPointClose
EnumSystemCodePagesA
EnumSystemCodePagesW
EnumSystemLanguageGroupsA
EnumSystemLanguageGroupsW
EnumSystemLocalesA
EnumSystemLocalesW
EnumTimeFormatsA
EnumTimeFormatsW
EnumUILanguagesA
EnumUILanguagesW
EraseTape
FindFirstVolumeA
FindFirstVolumeMountPointA
FindFirstVolumeMountPointW
FindFirstVolumeW
FindNextChangeNotification
FindNextFileA
FindNextFileW
FindNextVolumeA
FindNextVolumeMountPointA
FindNextVolumeMountPointW
FindNextVolumeW
FindResourceA
FindResourceExA
FindResourceExW
FindResourceW
FindVolumeClose
CreateFileMappingA

gdi32

CreateEllipticRgnIndirect
CreateEnhMetaFileA
CreateEnhMetaFileW
CreateFontA
CreateFontIndirectA
CreateFontIndirectExA
CreateFontIndirectExW
CreateFontIndirectW
CreateFontW
CreateHalftonePalette
CreateHatchBrush
CreateICA
CreateICW
CreateMetaFileA
CreateMetaFileW
CreatePalette
CreatePatternBrush
CreatePen
CreatePenIndirect
CreatePolyPolygonRgn
CreatePolygonRgn
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateScalableFontResourceW
CreateScalableFontResourceA

advapi32

RegOpenKeyA
RegOpenKeyW

shell32

SHGetPathFromIDListA
ord180
ord179
SHGetMalloc
SHGetInstanceExplorer
SHGetIconOverlayIndexW
SHGetIconOverlayIndexA
SHGetFolderPathW
SHGetFolderPathA
SHGetFolderLocation
SHGetFileInfoW
SHGetFileInfoA
SHGetDiskFreeSpaceExW
SHGetDiskFreeSpaceExA
SHGetDesktopFolder
SHGetDataFromIDListW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef33879c39091d5d0cfb8ed69732039a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

advapi32

shell32

Sections

.text Size: 45KB - Virtual size: 44KB

.data Size: 512B - Virtual size: 612B

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 1024B - Virtual size: 756B

.text
Size: 45KB - Virtual size: 44KB

.data
Size: 512B - Virtual size: 612B

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 1024B - Virtual size: 756B