08c1b22731d69c0bab2c627f6a717192_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

08c1b22731d69c0bab2c627f6a717192_JaffaCakes118
Size

60KB
MD5

08c1b22731d69c0bab2c627f6a717192
SHA1

0912e2dfddafdfa152e80c85f72f028763569cec
SHA256

b1b39c900000f7f1f7be2418c4800ed1ff3180514915d7dc60c44b800537c64d
SHA512

9e0f5b01ed0059f2ca0b5db9b198dad956b6bec257ce885ec818bbdc9cd1a32610ad634323b093bafd9308e500a820bcbca6e778f2eafaf1156eff25936cc0bb
SSDEEP

1536:FL7R9EYlignzQ1RzJ/iKcJ1nLZTz4U7Dd:FvR9zAY+dti9n97Dd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08c1b22731d69c0bab2c627f6a717192_JaffaCakes118

Files

08c1b22731d69c0bab2c627f6a717192_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f55682ef7270d4d327d7eb02d6455e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOverlappedResult
GlobalLock
GetTimeZoneInformation
LocalFree
GetNumberFormatA
FreeConsole
InitializeCriticalSection
ReleaseSemaphore
GetPrivateProfileIntA
UnhandledExceptionFilter
GetTickCount
CreateFileMappingA
SetConsoleCursorPosition
GetLogicalDriveStringsA
WriteConsoleOutputAttribute
GlobalAddAtomA
GetStdHandle
IsBadReadPtr
Beep
ContinueDebugEvent
GetCommConfig
FillConsoleOutputAttribute
SetConsoleCtrlHandler
LocalUnlock
CopyFileA
InterlockedExchange
SetCommBreak
AreFileApisANSI
Module32First
FatalExit
SetConsoleOutputCP
WaitCommEvent
GetProfileIntA
GetSystemTimeAdjustment
PrepareTape
CompareStringA
SetCommTimeouts
ReadConsoleOutputA
InterlockedIncrement
GetLongPathNameA
InterlockedCompareExchange
DisconnectNamedPipe
GetUserDefaultLangID
PurgeComm
GetDiskFreeSpaceA
GetAtomNameA
GetPrivateProfileSectionNamesA
SetNamedPipeHandleState
SetConsoleActiveScreenBuffer
FreeLibrary
SwitchToFiber
FindResourceA
ExpandEnvironmentStringsA
CreateNamedPipeA
SetEnvironmentVariableA
QueueUserAPC
CreateMailslotA
GetStringTypeExA
WriteFile
IsBadHugeReadPtr
Thread32Next
lstrcpyn

shlwapi

SHRegEnumUSKeyA
AssocQueryStringA
PathGetDriveNumberA
HashData
PathIsRelativeA
StrFormatByteSize64A
StrChrIA
PathSearchAndQualifyA
PathRemoveBlanksA
PathQuoteSpacesA
PathMakePrettyA
PathCommonPrefixA
SHDeleteValueA
StrIsIntlEqualA
SHCreateStreamWrapper
PathIsUNCA
PathFileExistsA
UrlGetLocationA
UrlCombineA
StrToIntExA
ColorHLSToRGB
PathIsFileSpecA
StrRChrIA
SHIsLowMemoryMachine
StrSpnA
SHRegWriteUSValueA
SHRegOpenUSKeyA
StrCSpnA

Sections

.tap
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lmz
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oxmju
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.twx
Size: 27KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f55682ef7270d4d327d7eb02d6455e1

Headers

File Characteristics

Imports

kernel32

shlwapi

Sections

.tap Size: 22KB - Virtual size: 45KB

.lmz Size: 5KB - Virtual size: 10KB

.oxmju Size: 1KB - Virtual size: 2KB

.twx Size: 27KB - Virtual size: 140KB

.rsrc Size: 2KB - Virtual size: 4KB

.tap
Size: 22KB - Virtual size: 45KB

.lmz
Size: 5KB - Virtual size: 10KB

.oxmju
Size: 1KB - Virtual size: 2KB

.twx
Size: 27KB - Virtual size: 140KB

.rsrc
Size: 2KB - Virtual size: 4KB