38df9f94c97baa17abdcdf4f548272fa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38df9f94c97baa17abdcdf4f548272fa_JaffaCakes118
Size

860KB
MD5

38df9f94c97baa17abdcdf4f548272fa
SHA1

73e2541c3a15231a5a6dfee6fd8ce1a0dab517fc
SHA256

7a0d8085f012e7b37ba68681e134a0f988d35ebbaa1c4cfe88046a64b73d82c1
SHA512

d4e958ef7998d950146afd8a1a261382099b610bee752907e01a2303f414f8d4d55759ea53275017c57d87db8cea8f8485909c7b71b6d1bb1427261ef2bfb99e
SSDEEP

12288:HYg0qjTzGaAwHUXJnYMpMRk1zv84Kf2sNV1ho1DparAQkTAfNXdbBoFBnmUC:z9zGdmCJn/VhTKfvo19arAnc0lmUC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38df9f94c97baa17abdcdf4f548272fa_JaffaCakes118

Files

38df9f94c97baa17abdcdf4f548272fa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8dd76b6c9770a192e888b148fc0d2e2d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileW
GetTickCount
FreeResource
GetCurrentThread
LocalFileTimeToFileTime
GetEnvironmentStringsA
SetFileAttributesW
SetErrorMode
GetEnvironmentStrings
InterlockedExchange
VirtualAlloc
GetStartupInfoA
GetShortPathNameW
EnterCriticalSection
FileTimeToSystemTime
LoadLibraryA
GetFullPathNameA
GetDriveTypeW
GetThreadLocale
RemoveDirectoryW
GetTimeFormatW
SetConsoleCtrlHandler
CreateDirectoryA
DeleteCriticalSection
GetModuleFileNameA
GlobalSize
GetTempFileNameA
OutputDebugStringA
GlobalLock
HeapAlloc
GetFullPathNameW
GetVersion
OpenProcess
IsValidLocale
CompareStringW
GetCurrentThreadId
GetModuleFileNameW
LeaveCriticalSection

user32

IsWindowVisible
AdjustWindowRectEx
SetWindowLongW
CharUpperW
GetActiveWindow
GetPropW
GetMessageA
SetClipboardData
CreateWindowExA
LoadBitmapA
ValidateRect
SetWindowTextA
DialogBoxParamW
WindowFromPoint
GetDlgItem
GetMessagePos
IsWindow
DrawIcon
PtInRect
EnumThreadWindows
GetParent
GetMenuItemID
RegisterWindowMessageA
SetWindowsHookExA
MessageBoxW
GetDlgItemTextW
GetWindowTextA
SetForegroundWindow

advapi32

RegEnumKeyExW
RevertToSelf
GetTokenInformation
SetSecurityDescriptorDacl
QueryServiceStatus
RegQueryValueExW
InitializeAcl
CloseServiceHandle
RegCreateKeyW

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 699KB - Virtual size: 699KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8dd76b6c9770a192e888b148fc0d2e2d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 154KB - Virtual size: 154KB

.rdata Size: 699KB - Virtual size: 699KB

.data Size: 2KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 154KB - Virtual size: 154KB

.rdata
Size: 699KB - Virtual size: 699KB

.data
Size: 2KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB