57197e2a252c678c4c98273f09578730_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

57197e2a252c678c4c98273f09578730_JaffaCakes118
Size

44KB
MD5

57197e2a252c678c4c98273f09578730
SHA1

e77a707574550269387a9214f2865be55bd4c8d5
SHA256

f30bca8b6c650d10f1a9b9a3705ade197fb32d103d0f3a42c635975c8dde3146
SHA512

0892cb68bd78c7c100d0d45db87f627b761c3d3175432185e2d465ba6c33a501a78a48606212cd30a536222fe3c6ce938a9eea2ccb69ca737cd4bb2608e1131d
SSDEEP

768:IPoNbFqSEw30Sa0ZqeubOtWcyxVpko1VNhJS38JsMor:IPgFqSEwdtQwbyzao1VJHG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57197e2a252c678c4c98273f09578730_JaffaCakes118

Files

57197e2a252c678c4c98273f09578730_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1a999644568bc94965e3a581d52acf37

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
GetCommandLineW
ReleaseMutex
SetErrorMode
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObject
WritePrivateProfileSectionA
lstrlenA
CreateFileA
VirtualAlloc
ExitProcess
DeleteFileA
CreateMutexA
QueryPerformanceCounter
CloseHandle

user32

SendMessageTimeoutA
MessageBoxA
SetForegroundWindow
GetWindowThreadProcessId
LoadIconA
RegisterClassExA
ShowWindow
LoadIconW
LoadStringA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA

shlwapi

PathRemoveFileSpecA
StrStrIA
StrCmpIW
SHSetValueA
SHGetValueA

msvcrt

memcpy
memset
_vsnprintf

Sections

.te3xtR3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.te3xtR2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.te3xtR1
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 398B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a999644568bc94965e3a581d52acf37

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

msvcrt

Sections

.te3xtR3 Size: 1KB - Virtual size: 1KB

.te3xtR2 Size: 1KB - Virtual size: 1KB

.te3xtR1 Size: 20KB - Virtual size: 20KB

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 948B

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 512B - Virtual size: 398B

.te3xtR3
Size: 1KB - Virtual size: 1KB

.te3xtR2
Size: 1KB - Virtual size: 1KB

.te3xtR1
Size: 20KB - Virtual size: 20KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 948B

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 512B - Virtual size: 398B