284dd1b8c0a282e8d02d03efbb17218d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

284dd1b8c0a282e8d02d03efbb17218d_JaffaCakes118
Size

32KB
MD5

284dd1b8c0a282e8d02d03efbb17218d
SHA1

8cd910b8ccc130417df9d3ca5d709d4d5015d8c4
SHA256

61730b332d87623d47ee22c14745985d9877eabe2ae798b0845ec19402b727c5
SHA512

8fbced0e5279c52c07add8ebd2cde755bd5c4e033606cb9277ba0e9025b1c6167fea965b5792d24d2bcfa4827272b68bf96a0af623444216edd8d9bbd3556d4c
SSDEEP

768:vecMm/hadgo4wfntNRllDHuv5qB6r6IsCbL:km5bNw1NVDS8B3IsCbL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
284dd1b8c0a282e8d02d03efbb17218d_JaffaCakes118

Files

284dd1b8c0a282e8d02d03efbb17218d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9889861fcab353005550c4a71fe17d43

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegisterEventSourceA
SetSecurityDescriptorDacl
DeregisterEventSource
RegisterServiceCtrlHandlerA
InitializeSecurityDescriptor

kernel32

GetTempFileNameA
CreateDirectoryA
GetCurrentProcess
GetCurrentThreadId
lstrlenA
CreateEventA
GetSystemDirectoryA
FindFirstFileA
GetShortPathNameA
GetTickCount
GetStartupInfoA
GlobalLock
SetCommBreak
GetExitCodeProcess
GlobalAlloc
SetEvent
GetLastError
WriteFile
lstrcpyA
RemoveDirectoryA
FindClose
FindNextFileA
ReadFile
CreateFileA
FindResourceA
DeleteFileA
FreeResource
GetProcAddress
LoadResource
CreateProcessA
GetCurrentProcessId
TerminateThread
GetSystemInfo
GetCommandLineA
SetFilePointer
GlobalUnlock
GetFileAttributesA
DosDateTimeToFileTime
GetVersionExA
LockResource
ExitProcess
LocalFileTimeToFileTime
GetDriveTypeA
GetWindowsDirectoryA
MulDiv
ResetEvent
FormatMessageA
lstrcmpA
lstrcmpiA
GetModuleHandleA
GetTempPathA
TerminateProcess
GetDiskFreeSpaceA
FlushFileBuffers
LoadLibraryA
_lopen
GetModuleFileNameA
SetFileAttributesA
GetPrivateProfileIntA
IsDBCSLeadByte
lstrcatA
CloseHandle
GetCurrentDirectoryA
CreateThread
LocalAlloc
GetSystemTimeAsFileTime
LocalFree
CreateMutexA
SetCurrentDirectoryA
QueryPerformanceCounter
lstrcpynA
LoadLibraryExA
ResetEvent
GetLongPathNameA
SizeofResource
GetVolumeInformationA
GlobalFree
SetFileTime

ole32

CoUninitialize
CreateItemMoniker
CoTaskMemFree
CoInitialize
GetRunningObjectTable
CoCreateInstance

oleaut32

RegisterActiveObject
DllUnregisterServer
GetActiveObject

shell32

Shell_NotifyIconA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.shared
Size: 14KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9889861fcab353005550c4a71fe17d43

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

oleaut32

shell32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 10KB

.rsrc Size: 3KB - Virtual size: 3KB

.shared Size: 14KB - Virtual size: 43KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 10KB

.rsrc
Size: 3KB - Virtual size: 3KB

.shared
Size: 14KB - Virtual size: 43KB