0f7e42638c9af30868a26ba1bb3ec3eb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0f7e42638c9af30868a26ba1bb3ec3eb_JaffaCakes118
Size

353KB
MD5

0f7e42638c9af30868a26ba1bb3ec3eb
SHA1

9c60f70c20988115d24248c98b5fff012d54b8a1
SHA256

344616174a27817a2074dd8b8e8e5c9836e326ffd5271f2f96277ba8c918e051
SHA512

e0ae065a658e1383726ace4b5273b5f1b377ccc63473c4955972db8693a9bdfdd7437ba45297d8d8da1da81f0f9d6003a9868df188404bdec79df9178a198fb9
SSDEEP

6144:miuOIPIKArCXSiMtPz5OEHx0WfIcvZJqOxzLmbT2nQF1BS5skAjvk5IV7QSZwquh:miWViCMsEHx0WfIcxJqOaTD1HeIVnZwV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f7e42638c9af30868a26ba1bb3ec3eb_JaffaCakes118

Files

0f7e42638c9af30868a26ba1bb3ec3eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d5aad6a6699b52ad20f9db4868e21ca0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalFree
OutputDebugStringA
DisableThreadLibraryCalls
QueryPerformanceCounter
GetLastError
LoadLibraryA
OpenSemaphoreW
GetCurrentThread
GetProcAddress
WaitForSingleObject
IsDBCSLeadByte
lstrlenW
GetModuleHandleA
LocalAlloc
SetLastError
CloseHandle
RtlUnwind
ReleaseSemaphore
GetCurrentThreadId
GetCurrentProcess
GetSystemTimeAsFileTime
ExitProcess
GetCurrentProcessId

ntdll

DbgPrint
ZwLoadDriver

msvcrt

_adjust_fdiv
malloc
free
_tell

advapi32

RegCreateKeyExW
RegSetValueExW
RegCloseKey
IdentifyCodeAuthzLevelW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegQueryValueExW
RegOpenCurrentUser
GetOverlappedAccessResults

user32

UnregisterHotKey
wvsprintfA

Sections

.text
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 54B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d5aad6a6699b52ad20f9db4868e21ca0

Headers

File Characteristics

Imports

kernel32

ntdll

msvcrt

advapi32

user32

Sections

.text Size: 74KB - Virtual size: 76KB

.data Size: 145KB - Virtual size: 145KB

.rdata Size: 117KB - Virtual size: 117KB

.bss Size: - Virtual size: 12KB

.idata Size: 1KB - Virtual size: 1KB

.crt Size: 512B - Virtual size: 54B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 74KB - Virtual size: 76KB

.data
Size: 145KB - Virtual size: 145KB

.rdata
Size: 117KB - Virtual size: 117KB

.bss
Size: - Virtual size: 12KB

.idata
Size: 1KB - Virtual size: 1KB

.crt
Size: 512B - Virtual size: 54B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 12KB - Virtual size: 11KB