d0f1e37a80b2991375e84a4f12e14c0b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d0f1e37a80b2991375e84a4f12e14c0b_JaffaCakes118
Size

971KB
MD5

d0f1e37a80b2991375e84a4f12e14c0b
SHA1

481d74dee99c332b07df1c54857629dcfb3a237d
SHA256

2a0d6ac3a76f7ddb1370e08304b9a90f70d539b0e6d1a42fb2b2da40195d0f06
SHA512

6ad571d6c1a2d8eaec770c584fbbe5f6b89f7e1c89a14f085d216570de48007a94153e2bf55504b4f6ab55ca546a6faa6e37c6f95d19291c4ed196a06cd73475
SSDEEP

24576:BF/UVuIyhNpExkyZmOpr0OwR98K0dOhcuNyfLkxN:rIyhNKkGmU0DeF8NCy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0f1e37a80b2991375e84a4f12e14c0b_JaffaCakes118

Files

d0f1e37a80b2991375e84a4f12e14c0b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cc6723aea9a674305847ac14c7c4f2fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

uxtheme

DrawThemeBackground
CloseThemeData

kernel32

WriteConsoleW
SetFilePointerEx
SetStdHandle
RtlUnwind
GetProcAddress
GetVersion
GlobalAlloc
GlobalUnlock
VirtualAlloc
HeapReAlloc
HeapFree
GetCurrentThreadId
GetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
ReadFile
SetFilePointer
CloseHandle
GetSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
lstrlenW
CreateFileMappingW
GetModuleHandleW
FindResourceExW
GetSystemDirectoryW
GetTempPathW
CreateFileW
DeleteFileW
GetCPInfo
MultiByteToWideChar
WideCharToMultiByte
LCMapStringW
GetStringTypeW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapSize
HeapAlloc
OutputDebugStringW
LoadLibraryExW
IsProcessorFeaturePresent
IsDebuggerPresent
GetOEMCP
GetACP
IsValidCodePage
TlsFree
TlsSetValue
TlsGetValue
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc

setupapi

SetupFindFirstLineW
SetupDiCreateDeviceInfoListExW

secur32

GetUserNameExW
QuerySecurityPackageInfoW
DeleteSecurityContext

shlwapi

PathStripToRootW
PathStripPathW
PathSkipRootW
PathRemoveBlanksW
PathIsURLW
PathIsUNCServerW
PathGetDriveNumberW
SHDeleteValueW
PathFindExtensionW
PathCanonicalizeW
PathAppendW
StrRetToBufW
StrStrW
StrRChrW
StrCmpNIW
StrChrIW
SHGetValueW
PathFindNextComponentW
PathRemoveExtensionW

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 752KB - Virtual size: 751KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 7.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc6723aea9a674305847ac14c7c4f2fa

Headers

File Characteristics

Imports

uxtheme

kernel32

setupapi

secur32

shlwapi

Sections

.text Size: 65KB - Virtual size: 65KB

.rdata Size: 752KB - Virtual size: 751KB

.data Size: 10KB - Virtual size: 7.4MB

.rsrc Size: 142KB - Virtual size: 141KB

.text
Size: 65KB - Virtual size: 65KB

.rdata
Size: 752KB - Virtual size: 751KB

.data
Size: 10KB - Virtual size: 7.4MB

.rsrc
Size: 142KB - Virtual size: 141KB