16cdd0ac904ffed349e9b89a570cd026_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

16cdd0ac904ffed349e9b89a570cd026_JaffaCakes118
Size

45KB
MD5

16cdd0ac904ffed349e9b89a570cd026
SHA1

5a5f094358c595535d8ba0c0bcf993ee5af333fd
SHA256

e7f88a1825ae4d8e09676a0e32c319c6da633cedd9a7afb05b055be29cb74746
SHA512

5f07e9b8f7cc2fd76b3963a05134dedc1df0d2019730a55c1549f3fba48be6c41d77bc856075f79cc732b75ff16e2dbb165a3efc22f4d0bfeedaecbfba2859ef
SSDEEP

768:OGBUJVSjHdj3YnDj89Zy5C1D4up3fihxfibHSsMR7k1ElAxErBKBUMEyOoqPHw:OGBOwjHdj3YnDj89ZyQxeN21M+wNdoq/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16cdd0ac904ffed349e9b89a570cd026_JaffaCakes118

Files

16cdd0ac904ffed349e9b89a570cd026_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4403e289a5b8d5004cc38938ecf68bd1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EnumFontFamiliesExW
EndDoc
SetDIBits
SetPixelV
GetTextFaceW
Pie
IntersectClipRect
OffsetWindowOrgEx
StartPage
SetStretchBltMode
CreatePatternBrush

kernel32

GetCurrentThread
DuplicateHandle
LCMapStringW
VirtualQuery
SetCurrentDirectoryW
GetConsoleMode
VirtualAlloc
GetOEMCP
CreateMutexW
ReleaseMutex
LeaveCriticalSection
GetEnvironmentVariableA
lstrcmpW
GetVersion
SetFileAttributesA
GlobalReAlloc
CreateFileMappingA
ExitProcess
IsBadWritePtr

msvcrt

_memicmp
_except_handler3
__unDName
_snprintf
swscanf
_filelength
strerror
tolower
wcscpy
__set_app_type
wcscat
srand
_wgetenv
_errno
__p__fmode

advapi32

GetSecurityDescriptorControl
RegCreateKeyExA
RegQueryInfoKeyW
RegDeleteKeyA
RegCloseKey
LookupPrivilegeValueA
StartServiceCtrlDispatcherA
RegEnumValueW
CloseServiceHandle
OpenServiceA
RegFlushKey
AdjustTokenPrivileges
ControlService
RegOpenKeyExA

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 790B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 2KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4403e289a5b8d5004cc38938ecf68bd1

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

msvcrt

advapi32

version

Sections

.text Size: 24KB - Virtual size: 23KB

.data Size: 1024B - Virtual size: 790B

.rdata Size: 15KB - Virtual size: 14KB

.ndata Size: 2KB - Virtual size: 16KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 24KB - Virtual size: 23KB

.data
Size: 1024B - Virtual size: 790B

.rdata
Size: 15KB - Virtual size: 14KB

.ndata
Size: 2KB - Virtual size: 16KB

.reloc
Size: 2KB - Virtual size: 2KB