280b5cba71b2e96ecebda96220a5fc72_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

280b5cba71b2e96ecebda96220a5fc72_JaffaCakes118
Size

48KB
MD5

280b5cba71b2e96ecebda96220a5fc72
SHA1

e1e36feb344a0897a3649ad515d6e949176203ce
SHA256

73b5c7372fa2692d6ebc41b03ceb7232d09329b4fec394b3463eb97a57afeaf0
SHA512

256b52336d7831bc2dccf415eb87b823650a9de2ebc2023b8e5a1eafe67df56f15a1074ac97ca9c3124f4cb8474a9052e2bd21b8465eb6a75b85039b0ddcfa73
SSDEEP

768:n+8wq+L1yEvEPcipDC1Thy0fticiFcQtveeGc9tZQcA6bL3d/o+szU:n+v9EPJ2T9fJiKQtveTc9UcAwR/opw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
280b5cba71b2e96ecebda96220a5fc72_JaffaCakes118

Files

280b5cba71b2e96ecebda96220a5fc72_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b725cf39399ec4e8a5b7f997d1b440a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

dfuicom.pdb

Imports

kernel32

DeleteCriticalSection
LoadLibraryW
GetLastError
SetLastError
GetModuleFileNameW
OutputDebugStringA
lstrlenW
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
GlobalUnlock
GlobalLock
LeaveCriticalSection
EnterCriticalSection
InterlockedCompareExchange
lstrcpynW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
CloseHandle
InitializeCriticalSection
Sleep
GetCurrentThreadId
CreateThread
CreateEventW
SetEvent
GetCommandLineW
GetSystemDirectoryW
LoadLibraryA
RaiseException
GetVersionExW
LocalAlloc
GetVersionExA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualProtect
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersion
GetModuleHandleA
GetFileAttributesW
GetProcAddress
GetModuleHandleW
WaitForSingleObject

user32

PeekMessageW
CharNextW
SendMessageW
EnableWindow
ShowWindow
CharUpperW
DispatchMessageW
TranslateMessage
DefWindowProcW
SetParent
CreateWindowExW
RegisterClassExW
PostThreadMessageW
GetMessageW

advapi32

RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExA
RegQueryInfoKeyW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
GetHGlobalFromStream
CreateStreamOnHGlobal
CoUninitialize
CoInitializeEx
CoRevokeClassObject
CoRegisterClassObject
CoInitialize
StringFromGUID2
CoCreateInstance

msvcrt

_initterm
_controlfp
??1type_info@@UAE@XZ
_onexit
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
memset
__wgetmainargs
_amsg_exit
_except_handler3
free
malloc
_CxxThrowException
wcslen
__CxxFrameHandler
realloc
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln

shlwapi

PathFindExtensionW

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b725cf39399ec4e8a5b7f997d1b440a2

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

ole32

msvcrt

shlwapi

Sections

.text Size: 34KB - Virtual size: 34KB

.data Size: 512B - Virtual size: 836B

.cdata Size: 512B - Virtual size: 4B

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 34KB - Virtual size: 34KB

.data
Size: 512B - Virtual size: 836B

.cdata
Size: 512B - Virtual size: 4B

.rsrc
Size: 5KB - Virtual size: 5KB