450f38abfba173d674d17d8852ff2e60_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

450f38abfba173d674d17d8852ff2e60_JaffaCakes118
Size

552KB
MD5

450f38abfba173d674d17d8852ff2e60
SHA1

5c842471ef5a1bfcf476c7fb1860c141f5e413cd
SHA256

dfcb06661e810b8bfb027de776be137c9dff87bb13f9c12755e28010e125677e
SHA512

faae0ba301a9420a753d8b4ca1318b0a23a407fd5e53c333232145d1a576f21210ed1b34e3087cc957c94a17e98ab857b119a101f1ae98f71e9a4a017f4552d8
SSDEEP

12288:+Uo2DmLsjV89PZkie6n9Ao++63cN6MAT5ySRT96mWAsoq2sepxyx:vScVHi7nOocIFa6mmEsepx2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
450f38abfba173d674d17d8852ff2e60_JaffaCakes118

Files

450f38abfba173d674d17d8852ff2e60_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd7fe0044936ed696bac55beeb4cb24b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdeAccessData
RemoveMenu
GetMenuStringW
OpenIcon
CreateDesktopA
SetMenuContextHelpId
SetScrollPos
GetClipboardData
SetCaretPos
FlashWindow
PostMessageA
MenuItemFromPoint
SetSysColorsTemp

msvcrt

_onexit
__wgetmainargs
_wfindnext
strerror
free
__p__tzname
isprint
_execve
_wcsnicmp
_chgsign
_nextafter
isleadbyte
_heapset

gdi32

SetColorAdjustment
SetLayout
GetWinMetaFileBits
SetDeviceGammaRamp
SetLayout
GetROP2
GetGraphicsMode
CancelDC
GetEnhMetaFileW
GdiGetBatchLimit
GetWindowOrgEx
GetSystemPaletteEntries
GetPixel

advapi32

RegCreateKeyW
CreateProcessAsUserW
RegSetValueExA

kernel32

GetModuleHandleA
FindFirstFileA
CommConfigDialogW
FlushViewOfFile
GetCurrentDirectoryA
ExitProcess
SetErrorMode
EnumSystemLocalesW
VirtualFree
SetFileTime
GlobalWire
GetCurrentProcess
FindResourceW
GetCurrentProcessId
Sleep
FatalExit
GetCommandLineW
VirtualAlloc
SystemTimeToTzSpecificLocalTime
EnumSystemCodePagesW
CreateEventW
EnumDateFormatsA
GetStartupInfoW
DisconnectNamedPipe

Sections

CODE
Size: 25KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BSS
Size: 11KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd7fe0044936ed696bac55beeb4cb24b

Headers

DLL Characteristics

File Characteristics

Imports

user32

msvcrt

gdi32

advapi32

kernel32

Sections

CODE Size: 25KB - Virtual size: 26KB

DATA Size: 11KB - Virtual size: 16KB

.BSS Size: 11KB - Virtual size: 18KB

.rdata Size: 26KB - Virtual size: 105KB

.rsrc Size: 4KB - Virtual size: 4KB

CODE
Size: 25KB - Virtual size: 26KB

DATA
Size: 11KB - Virtual size: 16KB

.BSS
Size: 11KB - Virtual size: 18KB

.rdata
Size: 26KB - Virtual size: 105KB

.rsrc
Size: 4KB - Virtual size: 4KB