e7c25c2b66f06fcfa847ad6f19c2d977_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e7c25c2b66f06fcfa847ad6f19c2d977_JaffaCakes118
Size

858KB
MD5

e7c25c2b66f06fcfa847ad6f19c2d977
SHA1

cb2a023108dbc7261280a1db06f4249836f74b26
SHA256

23f463aa1bf74306429df8ce1dcfadbf3522e759acfbd576529746ef92876606
SHA512

4a3c9e0a38511c7d6b0499b3987b8f0dd9c0a74dbce3c80fd76c5ad99d8e323141b4b77c9b2ec0752b90faa9fbbbce1f30ff49bc8b2dc83d679e90175ea96989
SSDEEP

24576:Lrtz1zo2ll3cJ/IfxSvaCf8TpKIQ3RVaZ8dy:9Js2lE4ZE3RV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7c25c2b66f06fcfa847ad6f19c2d977_JaffaCakes118

Files

e7c25c2b66f06fcfa847ad6f19c2d977_JaffaCakes118
.exe windows:4 windows x86 arch:x86

250f2ccbb34bc5d81ac7795c72543c04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHAutoComplete
UrlCombineA
SHRegOpenUSKeyA
StrChrIA
PathAppendA
StrToIntExA
SHDeleteValueA
SHRegEnumUSKeyA
PathQuoteSpacesA
SHRegWriteUSValueA
SHRegCreateUSKeyA
PathSearchAndQualifyA
ColorHLSToRGB
PathCommonPrefixA
PathFileExistsA
PathFindOnPathA
PathIsRelativeA
PathGetDriveNumberA
AssocQueryStringA
UrlIsOpaqueA
SHCreateStreamWrapper
StrCSpnA
StrSpnA
PathIsUNCA
PathMakePrettyA
PathRemoveBlanksA
HashData
SHIsLowMemoryMachine
StrFormatByteSize64A
StrRChrIA

kernel32

SetEnvironmentVariableA
FatalExit
lstrcat
VirtualFree
WaitForSingleObject
FillConsoleOutputAttribute
FlushInstructionCache
PeekNamedPipe
CreateThread
GetExitCodeThread
SetMailslotInfo
SetConsoleOutputCP
CallNamedPipeA
TlsFree
GetCurrentProcessId
GetConsoleTitleA
IsBadWritePtr
LocalFree
EnumCalendarInfoA
ExpandEnvironmentStringsA
FindFirstFileA
lstrcmpi
OutputDebugStringA
OpenSemaphoreA
IsBadHugeReadPtr
GetProfileIntA
AddAtomA
GetConsoleOutputCP
GetProcessHeaps
FreeLibrary
GetProcessAffinityMask
ClearCommBreak
EnumResourceLanguagesA
CreateConsoleScreenBuffer
Heap32First
CloseHandle
lstrcpyn
GetPrivateProfileStructA
GetFullPathNameA
VirtualLock
GetOverlappedResult
LoadModule
GetSystemPowerStatus
SetupComm
ContinueDebugEvent
SetConsoleWindowInfo
GetNumberOfConsoleMouseButtons
GetTimeZoneInformation
ExitProcess
SetCommMask
ReadFileEx
FindAtomA
IsDBCSLeadByteEx
SetVolumeLabelA
ReadConsoleA
SetProcessAffinityMask
UTRegister
GetBinaryTypeA
GenerateConsoleCtrlEvent
FindNextChangeNotification

Sections

.twlub
Size: 635KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmpw
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nud
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ipo
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lgnq
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rkpgb
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.epe
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdyxs
Size: 48KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buhip
Size: 124KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

250f2ccbb34bc5d81ac7795c72543c04

Headers

File Characteristics

Imports

shlwapi

kernel32

Sections

.twlub Size: 635KB - Virtual size: 1.3MB

.vmpw Size: 5KB - Virtual size: 5KB

.nud Size: 19KB - Virtual size: 27KB

.ipo Size: 512B - Virtual size: 20KB

.lgnq Size: 6KB - Virtual size: 15KB

.rkpgb Size: 512B - Virtual size: 56B

.epe Size: 512B - Virtual size: 24B

.sdyxs Size: 48KB - Virtual size: 76KB

.buhip Size: 124KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.twlub
Size: 635KB - Virtual size: 1.3MB

.vmpw
Size: 5KB - Virtual size: 5KB

.nud
Size: 19KB - Virtual size: 27KB

.ipo
Size: 512B - Virtual size: 20KB

.lgnq
Size: 6KB - Virtual size: 15KB

.rkpgb
Size: 512B - Virtual size: 56B

.epe
Size: 512B - Virtual size: 24B

.sdyxs
Size: 48KB - Virtual size: 76KB

.buhip
Size: 124KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB