12c7e51423e66e2de5603a40764e1ee0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

12c7e51423e66e2de5603a40764e1ee0_JaffaCakes118
Size

69KB
MD5

12c7e51423e66e2de5603a40764e1ee0
SHA1

5d4b6ba2d111838ad58859ed957c9717df00774c
SHA256

2a5a739e3707ff86a56b036466c9f4ccdc9d4a2344c686939b00b5a59fff0d6c
SHA512

d18c407900a5507cc14325f9e2cb6d3fa424ae6b7ed46c0e5ace3cbbf873db8ea2f6045612d9b596a19baf492bb1689c6c300fd260033356bfe272907e4944dc
SSDEEP

1536:GR5Y15tBLV5n1fNYbteMJHfpwb/g6ZDzuIo370hErHlo:GR5sbBLV5ZakMJHfpwb/gYuIoA6rHlo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12c7e51423e66e2de5603a40764e1ee0_JaffaCakes118

Files

12c7e51423e66e2de5603a40764e1ee0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7a2d6b58ebe87eeb02a3169588d06deb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
FreeSid
AllocateAndInitializeSid
OpenProcessToken
RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegDeleteValueA
RegCreateKeyA
RegEnumValueA
RegCloseKey

kernel32

CreateMutexA
GetLastError
WaitForSingleObject
ReleaseMutex
GetPrivateProfileStringA
WritePrivateProfileSectionA
GetShortPathNameA
Sleep
lstrlenA
GetSystemDirectoryA
LockResource
LoadResource
WriteFile
FreeLibrary
GetProcAddress
LoadLibraryExA
ExitProcess
FindResourceA
GetCurrentDirectoryA
GetCommandLineA
GetModuleHandleA
lstrcpyA
lstrcpynA
GetWindowsDirectoryA
lstrcmpiA
GetPrivateProfileSectionA
lstrcmpA
SetFileAttributesA
CloseHandle
WritePrivateProfileStringA
GetPrivateProfileIntA
LocalAlloc
GetCurrentProcess
ExpandEnvironmentStringsA
CopyFileA
GetTempFileNameA
lstrcatA
CreateFileA
LocalFree
GetSystemInfo
GetVersionExA
HeapFree
HeapAlloc
GetProcessHeap
CreateDirectoryA
SetCurrentDirectoryA
LoadLibraryA

user32

DialogBoxParamA
wsprintfA
LoadStringA
MessageBoxExA
EndDialog
IsDlgButtonChecked
CheckDlgButton
SetWindowTextA
ExitWindowsEx
MessageBoxA
CharNextA
CharPrevA

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHFileOperationA
SHGetPathFromIDListA
ShellExecuteExA
SHGetDesktopFolder
SHChangeNotify

ole32

CoInitialize
CoUninitialize

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

advpack

RunSetupCommand

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a2d6b58ebe87eeb02a3169588d06deb

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

shell32

ole32

version

advpack

Sections

.text Size: 29KB - Virtual size: 29KB

.data Size: 512B - Virtual size: 468B

.rsrc Size: 38KB - Virtual size: 37KB

.text
Size: 29KB - Virtual size: 29KB

.data
Size: 512B - Virtual size: 468B

.rsrc
Size: 38KB - Virtual size: 37KB