935a05dce4292f91c043c664d8bb7dc0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

935a05dce4292f91c043c664d8bb7dc0_JaffaCakes118
Size

5.7MB
MD5

935a05dce4292f91c043c664d8bb7dc0
SHA1

f404f03b0799e02b10118607d6fc02f8b8a0827c
SHA256

c799a2f9f3d554cc01e9c12fed8aec397ecd663da49a8fa9fc5602ca89f7a3e3
SHA512

f3d68f3f4af70103bba3cc6de5f1f0021a2d4944451a4b8e60701a4b3182cbeeffa819cc943eeeedba5cffe13df0ab3fcc40517e43cd7d74026aa0f0f5bf80db
SSDEEP

98304:4BvbXfzWTApdgdhqazCdhFKPuZc2Jxa5n58nQM12nQIv1:cXIXqJhgPuZc2a5n50PMQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
935a05dce4292f91c043c664d8bb7dc0_JaffaCakes118

Files

935a05dce4292f91c043c664d8bb7dc0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a17316f99e6df17a13d1fa120eb2811b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
InterlockedExchange
RaiseException
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
WideCharToMultiByte
GetAtomNameA
MoveFileA
IsValidCodePage
GetStartupInfoW
GetBinaryTypeA
FoldStringA
OpenProcess
GlobalFindAtomA
GetProcessHeap
GetDiskFreeSpaceExA
GetFileAttributesA
GetUserDefaultLangID
GetLastError
CreateEventW
GetFileAttributesW
DecodePointer
InterlockedIncrement
GetCurrentProcess
GetHandleInformation
GetCurrentThread
GetExitCodeProcess
GetCommandLineW
GetSystemTime
OpenFileMappingW
GetCommandLineA
GlobalFindAtomW
CreateMutexA
GetNamedPipeInfo
OutputDebugStringW
GetDiskFreeSpaceW
CreateNamedPipeW
IsDebuggerPresent
GetModuleFileNameA
GetDiskFreeSpaceA
IsProcessorFeaturePresent
FindFirstFileExA
OpenMutexA
FindFirstFileExW
LoadLibraryExA
CreateWaitableTimerA
CreateTimerQueue
FindAtomW
GetProcessId
CreateNamedPipeA
GetExitCodeThread
GetSystemDefaultLCID
CreateSemaphoreW
GetConsoleAliasExesLengthA
OpenEventW
GetFileSizeEx
EncodePointer
GetFileSize
FindAtomA
GetLocalTime
GetProcessAffinityMask
GetFileType
QueryPerformanceCounter
GetCompressedFileSizeW
CreateEventA
GetFileAttributesExW
IsValidLocale
GetVersionExA
GetUserDefaultUILanguage
GetBinaryTypeW
FindFirstFileA
OpenEventA
GetFileAttributesExA
FindFirstFileW
GetAtomNameW
GetProfileIntA
OutputDebugStringA
GetThreadLocale
GetProcessVersion
GetSystemDefaultLangID
InitializeCriticalSection
GetOEMCP
CreateSemaphoreA
DeleteFileA
GetModuleHandleA
GetUserDefaultLCID
GetCompressedFileSizeA
GetDriveTypeA
OpenMutexW
GetDiskFreeSpaceExW
CreateWaitableTimerW
GetProcessTimes
FoldStringW
GetLargestConsoleWindowSize
QueryPerformanceFrequency
GetConsoleWindow
GetProcAddress
LoadLibraryA
MoveFileW
OpenFileMappingA
GetTickCount
CreateMutexW
GetConsoleAliasExesLengthW
MoveFileExA
RemoveDirectoryW
GetLogicalDrives
EnumSystemLocalesA
GetLocaleInfoA
FreeLibrary
SetConsoleCtrlHandler
GetStringTypeW
MultiByteToWideChar
LCMapStringW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetModuleHandleW
GetCurrentProcessId
GetSystemDefaultUILanguage
GetStartupInfoA
RemoveDirectoryA
GetDriveTypeW
MoveFileExW
GetModuleFileNameW
VirtualAlloc
LoadLibraryW
LoadLibraryExW
DeleteFileW
MulDiv
GetVersion
OpenThread
GetFileTime
GetConsoleCP
GetProfileIntW
IsValidLanguageGroup
EnumResourceNamesW
GetVersionExW
RtlUnwind
HeapSetInformation
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
HeapCreate
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCPInfo
GetACP
ExitProcess
WriteFile
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetSystemTimeAsFileTime
Sleep
GetLocaleInfoW
FatalAppExitA

ole32

CoInitialize
CoCreateInstance

oleaut32

SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayCreate
VariantInit

shlwapi

StrCmpW

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1008KB - Virtual size: 1007KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 66KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a17316f99e6df17a13d1fa120eb2811b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

oleaut32

shlwapi

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 1008KB - Virtual size: 1007KB

.data Size: 5KB - Virtual size: 8KB

.rsrc Size: 3.7MB - Virtual size: 3.7MB

.reloc Size: 66KB - Virtual size: 402KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 1008KB - Virtual size: 1007KB

.data
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 3.7MB - Virtual size: 3.7MB

.reloc
Size: 66KB - Virtual size: 402KB