814eb7a357361da5459525446e71d8bb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

814eb7a357361da5459525446e71d8bb_JaffaCakes118
Size

883KB
MD5

814eb7a357361da5459525446e71d8bb
SHA1

fa9c00f83dfadebfb11736008d80da2fea52679e
SHA256

13de5d587bf6f1db142e94ced02d8a93524765bacfb2615f83ff93f966f90530
SHA512

2e9769e1d28157c0d94286d2482a459999bd92d361d77b6c4584fc66a2c552fcab63d54bc7f59dcc696720c8bccf3d3abccfd374ec2a9bc9ad2086226c02ec43
SSDEEP

24576:aaneOi+OA3PWidYYRNceD5ZzU7qpJslfQhQI:Le2OEWm9NXD56W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
814eb7a357361da5459525446e71d8bb_JaffaCakes118

Files

814eb7a357361da5459525446e71d8bb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fd75d057b779937e472fe0f74865eac3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseFontW
GetFileTitleW

advapi32

RegQueryValueExW
RegDeleteValueW
RegCloseKey

shlwapi

AssocQueryStringW
SHSetValueW
SHGetValueW
SHDeleteValueW
SHDeleteKeyW
PathCreateFromUrlW
UrlIsW
PathStripToRootW
PathStripPathW
PathRemoveBlanksW
PathParseIconLocationW
PathIsURLW
PathIsNetworkPathW
PathIsUNCW
PathIsRootW
PathGetDriveNumberW
PathFindFileNameW
PathBuildRootW
PathAppendW
StrRetToBufW
StrRetToStrW
StrStrIW
StrRChrW
StrFormatByteSizeW
StrChrW

kernel32

WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
GetStringTypeW
HeapReAlloc
HeapAlloc
OutputDebugStringW
RtlUnwind
LoadLibraryExW
IsProcessorFeaturePresent
IsDebuggerPresent
GetCPInfo
GetOEMCP
GetProcAddress
LocalFree
VirtualAlloc
GetCurrentProcessId
ExitProcess
FreeEnvironmentStringsW
GetCurrentThreadId
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ReleaseSemaphore
LoadResource
FindClose
CloseHandle
GetSystemInfo
lstrcmpiW
CreateFileMappingW
LoadLibraryW
GetModuleFileNameW
GetModuleHandleW
CreateProcessW
ExpandEnvironmentStringsW
FindResourceW
GetTempPathW
GetFullPathNameW
FindNextFileW
WideCharToMultiByte
GetLocaleInfoW
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
GetModuleHandleExW
MultiByteToWideChar
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
WriteFile
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
HeapFree
IsValidCodePage
GetACP
CreateFileW

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 231KB - Virtual size: 7.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boy67l
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.27nae9
Size: 211KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fd75d057b779937e472fe0f74865eac3

Headers

File Characteristics

Imports

comdlg32

advapi32

shlwapi

kernel32

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 19KB - Virtual size: 18KB

.data Size: 231KB - Virtual size: 7.1MB

.boy67l Size: 356KB - Virtual size: 356KB

.27nae9 Size: 211KB - Virtual size: 214KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 19KB - Virtual size: 18KB

.data
Size: 231KB - Virtual size: 7.1MB

.boy67l
Size: 356KB - Virtual size: 356KB

.27nae9
Size: 211KB - Virtual size: 214KB