ca85eb1996d4db468a69cc4cc43a598e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ca85eb1996d4db468a69cc4cc43a598e_JaffaCakes118
Size

356KB
MD5

ca85eb1996d4db468a69cc4cc43a598e
SHA1

2b6ffcb70c4482e8c90c6a4b05891f8db98eb062
SHA256

468950756d28331ea2f2f87e1fbfeda4da535f911170daffc47da958f6289d1a
SHA512

dd7502797d24965f14c5a22dc1146121b3ce7cfeea901d88a635e7bdf8761f020a098e2fdb921ac841dc32ce65820379efb9d5f7134650ecc8eb8ce64c945cba
SSDEEP

3072:y9U6q94HVacKvR1Pk9LB4MaodiA8v1QSmUJ8TX+:y9U3GlarodiTxmUIu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca85eb1996d4db468a69cc4cc43a598e_JaffaCakes118

Files

ca85eb1996d4db468a69cc4cc43a598e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

455d970221dd3a2de61cecdda3ddccfb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
DeleteFileA
DosDateTimeToFileTime
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FreeLibrary
FreeResource
GetCurrentProcess
GetDiskFreeSpaceA
GetDriveTypeA
GetExitCodeProcess
GetFileAttributesA
GetLastError
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetShortPathNameA
GetStartupInfoA
GetSystemDirectoryA
GetSystemInfo
GetTempFileNameA
GetTempPathA
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
CreateProcessA
GlobalUnlock
LoadLibraryA
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockResource
ReadFile
RemoveDirectoryA
ResetEvent
SetCurrentDirectoryA
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SizeofResource
TerminateThread
WaitForSingleObject
WriteFile
_lclose
_llseek
_lopen
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA
CreateMutexA
CreateFileA
CreateEventA
CloseHandle
GetProcAddress
GlobalLock
GetModuleHandleA

user32

EnableWindow
EndDialog
ExitWindowsEx
GetDC
GetDesktopWindow
GetDlgItem
GetDlgItemTextA
GetWindowLongA
GetWindowRect
LoadStringA
MessageBeep
MessageBoxA
MsgWaitForMultipleObjects
PeekMessageA
ReleaseDC
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetForegroundWindow
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
wsprintfA
DialogBoxIndirectParamA
CharUpperA
CharPrevA
CharNextA
CallWindowProcA
LoadCursorA
DispatchMessageA

gdi32

GetDeviceCaps
AddFontResourceA
AddFontResourceW

advapi32

RegOpenKeyW
RegQueryValueExW

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

455d970221dd3a2de61cecdda3ddccfb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 154KB - Virtual size: 154KB

.rdata Size: 128KB - Virtual size: 127KB

.data Size: 71KB - Virtual size: 71KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 154KB - Virtual size: 154KB

.rdata
Size: 128KB - Virtual size: 127KB

.data
Size: 71KB - Virtual size: 71KB

.rsrc
Size: 1KB - Virtual size: 1KB