a8bd17695d07805a037dca03e52befa0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a8bd17695d07805a037dca03e52befa0_JaffaCakes118
Size

935KB
MD5

a8bd17695d07805a037dca03e52befa0
SHA1

942a7a565fb1194a0ca47f6cee88de987db3fe4d
SHA256

d93ac92b75a1deed6861051e9dc65c5aa99f88fc62ca9800cc2fc9d183ea9217
SHA512

d92b51510d213e5992c810a94407b4fc2070709339bc650f4609fbf80a31005fad5a8d4ab42f211c5f6102befa32cbba2f1c2025954e7645ad777d020607f054
SSDEEP

24576:4Sbrwp4yZyyKHhju1rXO8Sxqp4m2Tcjba3o9gu:40wMArZSwwTpy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8bd17695d07805a037dca03e52befa0_JaffaCakes118

Files

a8bd17695d07805a037dca03e52befa0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7f36469a412c9d838b4cf259beed2316

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsURLW
StrChrIW
StrCmpNW
StrCmpNIW
StrRChrW
StrToIntExW
StrTrimW
SHAutoComplete
SHSetValueW
SHDeleteValueW
SHDeleteKeyW
SHDeleteEmptyKeyW
PathCreateFromUrlW
PathStripPathW
PathSkipRootW
PathRemoveBackslashW
StrChrW
PathIsUNCServerW
PathIsNetworkPathW
PathIsUNCW
PathIsRootW
PathIsDirectoryW
PathCanonicalizeW
PathBuildRootW
PathAppendW
PathAddBackslashW
StrRetToBufW

uxtheme

DrawThemeBackground
DrawThemeText
GetThemeColor
GetThemeSysColor
EnableThemeDialogTexture
CloseThemeData

kernel32

DecodePointer
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
OutputDebugStringW
RtlUnwind
LoadLibraryExW
IsProcessorFeaturePresent
IsDebuggerPresent
GetCPInfo
GetOEMCP
GetACP
LeaveCriticalSection
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GlobalFree
VirtualAlloc
HeapAlloc
HeapFree
GetCurrentThreadId
GetLastError
EnterCriticalSection
FindClose
CloseHandle
GetSystemTimeAsFileTime
GetModuleFileNameW
FindResourceW
GetTempPathW
CreateFileW
FindFirstFileW
IsValidCodePage
MultiByteToWideChar
GetStringTypeW
GetCommandLineW
SetLastError
EncodePointer
ExitProcess
GetModuleHandleExW
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 839KB - Virtual size: 7.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f36469a412c9d838b4cf259beed2316

Headers

File Characteristics

Imports

shlwapi

uxtheme

kernel32

Sections

.text Size: 65KB - Virtual size: 64KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 839KB - Virtual size: 7.8MB

.rsrc Size: 11KB - Virtual size: 12KB

.text
Size: 65KB - Virtual size: 64KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 839KB - Virtual size: 7.8MB

.rsrc
Size: 11KB - Virtual size: 12KB