07f2d8e779ea757e3a6d3d8e13a53c82_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07f2d8e779ea757e3a6d3d8e13a53c82_JaffaCakes118
Size

1.2MB
MD5

07f2d8e779ea757e3a6d3d8e13a53c82
SHA1

b11f57a6d3e113566e6c50591d33a9230573ebb4
SHA256

e42037c8a87efed252102de85c58eceb6d7814255ec8b9c5dd6966068933869e
SHA512

604e8ff7239190d5b107e6a77b6559652f9bbb01932f80284275c8e80173eb8d5ef3d09665b56c030df6c8c3893ce42a49020ba9924808bf5ff106e448d3ca9a
SSDEEP

24576:Wuz6BpserwMlpYWe+rqSG/InTvO4chtgU:5eDHrwMTsgbO4chtz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07f2d8e779ea757e3a6d3d8e13a53c82_JaffaCakes118

Files

07f2d8e779ea757e3a6d3d8e13a53c82_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c83de38522c88f1b8b13952d11ed2a8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GlobalAlloc
GlobalFree
LocalFree
VirtualAlloc
HeapAlloc
GetCurrentThreadId
GetLastError
InitializeCriticalSection
SetFilePointer
CloseHandle
MulDiv
lstrlenW
LoadLibraryW
GetFileAttributesW
GetACP
GetLocaleInfoW
GetUserDefaultLCID
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
GetStringTypeW
HeapReAlloc
OutputDebugStringW
RtlUnwind
LoadLibraryExW
IsProcessorFeaturePresent
IsDebuggerPresent
GetCPInfo
GetOEMCP
IsValidCodePage
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetStartupInfoW
DeleteCriticalSection
GetFileType
GetStdHandle
GetProcessHeap
WideCharToMultiByte
MultiByteToWideChar
CreateFileW
GetModuleHandleExW
ExitProcess
DecodePointer
EncodePointer
SetLastError
GetCommandLineW

ole32

CoTaskMemRealloc

secur32

GetUserNameExW
FreeContextBuffer
TranslateNameW

setupapi

SetupOpenInfFileW
SetupDiCreateDeviceInfoList
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInterfaceDetailW
SetupDiBuildDriverInfoList
SetupDiEnumDriverInfoW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceInstallParamsW
CM_Get_Device_ID_ExW
CM_Get_Parent
CM_Get_Parent_Ex
CM_Locate_DevNodeW
SetupGetFieldCount

shlwapi

PathRemoveBackslashW
PathParseIconLocationW
PathIsNetworkPathW
PathIsUNCW
PathIsRootW
PathIsRelativeW
PathIsDirectoryW
PathGetDriveNumberW
PathFindNextComponentW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
PathCombineW
PathCanonicalizeW
PathRemoveExtensionW
PathAppendW
PathAddBackslashW
SHStrDupW
StrCmpIW
StrCmpW
StrToIntW
StrStrIW
StrStrW
StrRChrW
StrFormatByteSizeW
StrDupW
StrCmpNIW
StrCmpNW
StrChrIW
StrChrW
PathRemoveFileSpecW
PathSkipRootW
PathStripPathW
PathStripToRootW
UrlCanonicalizeW
UrlEscapeW
PathCreateFromUrlW
SHDeleteKeyW
SHDeleteValueW
SHGetValueW
SHSetValueW
AssocCreate
SHAutoComplete
PathBuildRootW
AssocQueryStringW
UrlIsW

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 750KB - Virtual size: 750KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 6.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c83de38522c88f1b8b13952d11ed2a8a

Headers

File Characteristics

Imports

kernel32

ole32

secur32

setupapi

shlwapi

Sections

.text Size: 63KB - Virtual size: 62KB

.rdata Size: 750KB - Virtual size: 750KB

.data Size: 10KB - Virtual size: 6.9MB

.rsrc Size: 362KB - Virtual size: 361KB

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 750KB - Virtual size: 750KB

.data
Size: 10KB - Virtual size: 6.9MB

.rsrc
Size: 362KB - Virtual size: 361KB