0725519abb3ec592d25b729becbb4718_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0725519abb3ec592d25b729becbb4718_JaffaCakes118
Size

59KB
MD5

0725519abb3ec592d25b729becbb4718
SHA1

bc75696849de928191293339fe63d5b26bf33363
SHA256

e8e7f3876de8e3c51da4c1bedeca0184088082592c84779e543e30e579b45843
SHA512

44fb65410aab1989c588d19f6b0722d05483d0e5c4640d83dc1603624ded1d771753d5ec1094fe2161d4ce99f6210765c62191e7b23961ff1547d3a623c76e2d
SSDEEP

1536:cout39Pdmj9KhiQaNedxSlLovmf/RwXECZmFXKNWdTM6DI:counPK9SiQiwxuEviCZmRK8d46DI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0725519abb3ec592d25b729becbb4718_JaffaCakes118

Files

0725519abb3ec592d25b729becbb4718_JaffaCakes118
.exe windows:4 windows x86 arch:x86

278393563cc91b360f1116c99fb12ec6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushInstructionCache
VirtualQueryEx
ContinueDebugEvent
OpenSemaphoreA
GetLongPathNameA
GetVersionExA
CreateMailslotA
PurgeComm
IsDBCSLeadByteEx
SetProcessShutdownParameters
OpenFileMappingA
SetSystemTime
ClearCommBreak
GetShortPathNameA
CreateNamedPipeA
VirtualProtectEx
GetTapeStatus
SwitchToFiber
WriteFile
SetEvent
GetPrivateProfileIntA
GetExitCodeThread
GlobalAddAtomA
Heap32ListNext
GenerateConsoleCtrlEvent
FindResourceA
CreateThread
GlobalFindAtomA
GetBinaryTypeA
SetConsoleOutputCP
GlobalUnWire
SetStdHandle
SetEnvironmentVariableA
lstrcmpi
GetDriveTypeA
EnumCalendarInfoA
InterlockedExchange
DisconnectNamedPipe
QueueUserAPC
LocalFree
GlobalReAlloc
lstrcpyn
VirtualLock
WaitCommEvent
SetTimeZoneInformation
GetUserDefaultLangID
GetDiskFreeSpaceA
ExpandEnvironmentStringsA
SetFileApisToOEM
UTRegister
LocalUnlock
GetStringTypeExA
SetConsoleTextAttribute
TransactNamedPipe
OutputDebugStringA
UpdateResourceA
GlobalLock
AreFileApisANSI
GetNumberOfConsoleMouseButtons

shlwapi

SHIsLowMemoryMachine
SHRegOpenUSKeyA
PathGetDriveNumberA
UrlGetLocationA
SHDeleteValueA
UrlCombineA
StrFormatByteSize64A
StrIsIntlEqualA
PathQuoteSpacesA
SHCreateStreamWrapper
HashData
PathFileExistsA
StrRChrIA
PathRemoveBlanksA
SHAutoComplete
StrChrIA
SHRegEnumUSKeyA
SHRegCreateUSKeyA
StrCSpnA
StrToIntExA
PathIsRelativeA
PathAppendA
SHRegWriteUSValueA
UrlIsOpaqueA
AssocQueryStringA
StrSpnA
PathStripToRootA
PathMakePrettyA
PathFindOnPathA
PathIsFileSpecA
ColorHLSToRGB

Sections

.xel
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fcvc
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fshyl
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ryrur
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

278393563cc91b360f1116c99fb12ec6

Headers

File Characteristics

Imports

kernel32

shlwapi

Sections

.xel Size: 22KB - Virtual size: 45KB

.fcvc Size: 5KB - Virtual size: 10KB

.fshyl Size: 1024B - Virtual size: 1KB

.ryrur Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.xel
Size: 22KB - Virtual size: 45KB

.fcvc
Size: 5KB - Virtual size: 10KB

.fshyl
Size: 1024B - Virtual size: 1KB

.ryrur
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB