ec1c377d05012b19308ada6f51e6b358_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ec1c377d05012b19308ada6f51e6b358_JaffaCakes118
Size

184KB
MD5

ec1c377d05012b19308ada6f51e6b358
SHA1

a32858ae1740c6f0d1be5542bdd001dead13fe10
SHA256

4abf9dea9bb37989c605d0b8e8f069efeb5b645fd309c9fdaa1294e169be6da9
SHA512

7c3cf2162cfcabfb537bcb284d839a1fece5d73d047aadfc12551dbdaf9c07cf69eed275de06a7ff9850768c2a00e19477d3e123bfa9800f0d28b22a13605973
SSDEEP

1536:zLRiTdpvW444SRwQAs+2HMV4pF0iSNvo7guoxVsyD+W06w3q7VoagHT0:5iXvWzDjwCMGpFlqS4OQ+7a7Voa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec1c377d05012b19308ada6f51e6b358_JaffaCakes118

Files

ec1c377d05012b19308ada6f51e6b358_JaffaCakes118
.exe windows:4 windows x86 arch:x86

484f17d68b9b7ab2c595ea9329c22a36

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
DeleteFileW
CopyFileExW
ExitThread
CreateDirectoryA
GetCPInfo
GetFileTime
SetLastError
ReadConsoleW
GetCommandLineA
CreateThread
DeleteAtom
WriteFile
GetComputerNameA
CopyFileW
FindAtomA
OpenFile
OpenFileMappingA
ReadFile
GetFileSize
CopyFileExA
FindAtomA
CopyFileExW
GetConsoleMode
CreateThread
ReadConsoleW
DeleteFileW
GetStdHandle
Sleep
DeleteAtom
OpenFile
GlobalFree
CopyFileA
DeleteFileA
GetLastError
GetCommandLineA
CopyFileExA
CopyFileW
SetLastError
CopyFileExW
CreateDirectoryA
GetCPInfo
GetStdHandle
DeleteAtom
FindFirstFileA
ReadFile
GetCommandLineA
ExitThread
DeleteFileW
Sleep
CreateThread
GetFileTime
FindAtomA
GlobalFree
WriteFile
GetComputerNameA

advapi32

RegGetKeySecurity
RegCreateKeyW
RegEnumKeyExA
RegEnumKeyA
RegEnumValueW
RegQueryValueExA
RegDeleteKeyW
RegOpenKeyExA
RegLoadKeyA
RegQueryValueW
RegDeleteValueW
RegEnumKeyExW
RegReplaceKeyA
RegFlushKey
RegOpenKeyW
RegEnumValueA
RegQueryValueA
RegReplaceKeyW
RegEnumKeyExA
RegQueryValueExA
RegEnumValueA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyExW
RegLoadKeyA
RegDeleteValueA
RegLoadKeyW
RegOpenKeyExA
RegQueryInfoKeyW
RegFlushKey
RegQueryValueW
RegDeleteValueW
RegEnumKeyW
RegOpenKeyA
RegQueryValueExW
RegOpenKeyW
RegGetKeySecurity
RegQueryValueA
RegCreateKeyExW
RegEnumKeyExW
RegLoadKeyA
RegDeleteValueA
RegQueryValueExA
RegFlushKey
RegGetKeySecurity
RegQueryInfoKeyW
RegQueryValueW
RegEnumKeyExA
RegLoadKeyW
RegEnumValueA
RegOpenKeyW
RegEnumKeyW
RegReplaceKeyA
RegOpenKeyExA
RegDeleteValueW
RegOpenKeyA
RegDeleteKeyW
RegEnumKeyExA
RegOpenKeyExW
RegCreateKeyExA
RegLoadKeyW
RegDeleteKeyW
RegLoadKeyA
RegQueryValueA
RegQueryInfoKeyW
RegCreateKeyW
RegOpenKeyExA
RegOpenKeyW
RegQueryValueW
RegEnumKeyExW
RegEnumKeyW
RegReplaceKeyA
RegFlushKey

Sections

CODE
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rPBrdc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TyuBCi
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 120KB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oSBXkS
Size: 4KB - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

484f17d68b9b7ab2c595ea9329c22a36

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

CODE Size: 4KB - Virtual size: 3KB

.rPBrdc Size: 8KB - Virtual size: 4KB

.cdata Size: 8KB - Virtual size: 4KB

.TyuBCi Size: 8KB - Virtual size: 4KB

.edata Size: 120KB - Virtual size: 4.6MB

.oSBXkS Size: 4KB - Virtual size: 32B

.rdata Size: 4KB - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 20KB - Virtual size: 18KB

CODE
Size: 4KB - Virtual size: 3KB

.rPBrdc
Size: 8KB - Virtual size: 4KB

.cdata
Size: 8KB - Virtual size: 4KB

.TyuBCi
Size: 8KB - Virtual size: 4KB

.edata
Size: 120KB - Virtual size: 4.6MB

.oSBXkS
Size: 4KB - Virtual size: 32B

.rdata
Size: 4KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 20KB - Virtual size: 18KB