f65b53fdd531e3c34ab5441c527c26db_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f65b53fdd531e3c34ab5441c527c26db_JaffaCakes118
Size

120KB
MD5

f65b53fdd531e3c34ab5441c527c26db
SHA1

d83284b25d711dd1921c96599510601e05c209b5
SHA256

830cab2b452e623f3417e28354630e7949a8c50d8201ad855e48fdf5ae338c5a
SHA512

1a87f2caa29015601f46ce3c94d997c11cd7c90a4dd0b5ae8e58106bd8908234e9f37edebe881d8d24bd2e978835be5b0f221470307b88e031ff3685feacc20c
SSDEEP

1536:ZMtOkE8yDGGwugJpRHw1fGQWwbSw5UWkUwOk6YwIKqnHnxQhHv9tpZ:yOk/QlGnQxnEHnxQhHv9tpZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f65b53fdd531e3c34ab5441c527c26db_JaffaCakes118

Files

f65b53fdd531e3c34ab5441c527c26db_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d80bffa8d89dd1d0dd22dbaffeb4e71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Module32First
Process32Next
CreateWaitableTimerW
CreateToolhelp32Snapshot
Module32Next
CloseHandle
DeleteFileW
GetModuleFileNameW
CompareStringW
CompareStringA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
ReadFile
TerminateProcess
GetVersionExW
CopyFileW
OpenProcess
GetModuleHandleW
Process32First
SetWaitableTimer
CreateMutexW
GetLastError
Sleep
GetTickCount
GetVolumeInformationW
InterlockedDecrement
InterlockedIncrement
SetFileAttributesW
GetEnvironmentVariableW
SetEndOfFile
SetFilePointer
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
MultiByteToWideChar
CreateFileW
GetOEMCP
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
ExitThread
ResumeThread
CreateThread
GetSystemTimeAsFileTime
GetProcAddress
GetModuleHandleA
ExitProcess
GetCommandLineA
GetVersionExA
GetStartupInfoA
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
RaiseException
WideCharToMultiByte
GetTimeZoneInformation
LoadLibraryA
InitializeCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetCPInfo
GetACP
SetEnvironmentVariableA

user32

MsgWaitForMultipleObjects
MessageBoxW
PeekMessageW
TranslateMessage
wsprintfW
DispatchMessageW

advapi32

RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegOpenKeyW
RegQueryValueExW
RegCreateKeyW
GetUserNameW
QueryServiceConfigA
OpenSCManagerA
QueryServiceStatusEx
ChangeServiceConfigA
StartServiceA
CloseServiceHandle
OpenServiceA
RegSetValueExW

shell32

ShellExecuteW

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysAllocString
SysAllocStringByteLen
VarBstrCmp
VariantInit
VariantClear
SysFreeString
SysStringByteLen

shlwapi

UrlEscapeW

netapi32

NetApiBufferFree
NetUserGetInfo

urlmon

URLDownloadToFileW

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d80bffa8d89dd1d0dd22dbaffeb4e71

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

netapi32

urlmon

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 176B

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 176B