9fa0d4a8162fdd8463ceb34d8aa60dea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9fa0d4a8162fdd8463ceb34d8aa60dea_JaffaCakes118
Size

1.2MB
MD5

9fa0d4a8162fdd8463ceb34d8aa60dea
SHA1

e73e6748ac86b9ee3990053ec0eb17bf704e0009
SHA256

955d54d9223df94dda1bdf2ed1bed51677264bdb2d7a759808431903370562ae
SHA512

2b6677fba83b5635479780121ee665d997233185c2aa1111462d3f404e04ef0635f7c4386bbe40f51c4eabf84f0f841de1909fbef3c7f7e7991fd3389332dcbf
SSDEEP

24576:n1T3ToH7MtPnTOn9wgivGY9jqNL7iSMQkwp:N3JLOn9JPMjqDr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9fa0d4a8162fdd8463ceb34d8aa60dea_JaffaCakes118

Files

9fa0d4a8162fdd8463ceb34d8aa60dea_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ceb921248527dee2ce358837b2ba4ae9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryInfoKeyW
RegCloseKey

shell32

DragFinish
ExtractIconExW
SHFileOperationW
Shell_NotifyIconW
SHGetFileInfoW
SHGetPathFromIDListW
SHBindToParent
SHChangeNotify
SHCreateDirectoryExW

ole32

ReleaseStgMedium
PropVariantClear
CoGetMalloc

secur32

QuerySecurityPackageInfoW
FreeCredentialsHandle

kernel32

SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
GetStringTypeW
OutputDebugStringW
RtlUnwind
GetProcAddress
GetVersion
GlobalLock
GlobalUnlock
LocalFree
VirtualAlloc
HeapAlloc
HeapReAlloc
HeapFree
GetCurrentProcess
GetCurrentProcessId
ExitProcess
GetCurrentThreadId
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetHandleCount
GetFileSize
WriteFile
SetEndOfFile
SetFilePointer
CloseHandle
GetSystemTime
GetSystemTimeAsFileTime
GetLocalTime
FileTimeToLocalFileTime
FormatMessageW
TlsAlloc
TlsSetValue
TlsFree
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleW
CreateProcessW
GetStartupInfoW
ExpandEnvironmentStringsW
FindResourceW
GetSystemDirectoryW
GetFullPathNameW
CreateFileW
DeleteFileW
IsValidCodePage
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoW
GetCommandLineW
SetLastError
EncodePointer
DecodePointer
GetModuleHandleExW
GetProcessHeap
GetStdHandle
GetFileType
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
TerminateProcess
TlsGetValue
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
WriteConsoleW

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 750KB - Virtual size: 750KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 6.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ceb921248527dee2ce358837b2ba4ae9

Headers

File Characteristics

Imports

advapi32

shell32

ole32

secur32

kernel32

Sections

.text Size: 92KB - Virtual size: 92KB

.rdata Size: 750KB - Virtual size: 750KB

.data Size: 16KB - Virtual size: 6.8MB

.rsrc Size: 362KB - Virtual size: 361KB

.text
Size: 92KB - Virtual size: 92KB

.rdata
Size: 750KB - Virtual size: 750KB

.data
Size: 16KB - Virtual size: 6.8MB

.rsrc
Size: 362KB - Virtual size: 361KB