0a7eb77dbd9ac5a348b38dbcf0aced69_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a7eb77dbd9ac5a348b38dbcf0aced69_JaffaCakes118
Size

128KB
MD5

0a7eb77dbd9ac5a348b38dbcf0aced69
SHA1

7b71816413ae585d98c4f1c91a8005db4a835b23
SHA256

6c8ceb2bcc671949766f2ae2203d62822ba5c8e74bb8b1ed7dd0b8f622ed7978
SHA512

51dfe78cb47e97592add184d31dbb3a5df1cdcc6ba946c79f95d3575ca366741218ba94ec4a64babcd5275b07c135175b4521739efffc3665048d64d2c110eb3
SSDEEP

3072:q0lwoRFdb4mGUeN1cSZ3g6NwqX8+oAFl/hpbihuoxYoP:VdEPhQ6NhHoElJpkuwrP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a7eb77dbd9ac5a348b38dbcf0aced69_JaffaCakes118

Files

0a7eb77dbd9ac5a348b38dbcf0aced69_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b12d00a1e5826d6da2ba94b032a86863

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
QueryPerformanceCounter
MultiByteToWideChar
LeaveCriticalSection
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapDestroy
GetVersionExA
GetTickCount
GetSystemTimeAsFileTime
GetModuleHandleA
GetModuleFileNameA
GetCurrentProcessId
GetCurrentProcess
EnterCriticalSection
Sleep
CreateThread
CreateFileA
CreateEventA
GetProcAddress
ExitProcess
GetCommandLineA
GetStringTypeA
LCMapStringW
LCMapStringA
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
WriteFile
RtlUnwind
UnhandledExceptionFilter
lstrcmpiA
LocalAlloc
LocalFree
GetProcessHeap
HeapAlloc
HeapFree
ReadFile
GetLastError
FlushFileBuffers
DisconnectNamedPipe
CloseHandle
lstrcpyA
DeleteCriticalSection
lstrlenA
VirtualFree
HeapCreate
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
LoadLibraryA
GetStartupInfoA
GetVersion
TerminateProcess
FreeEnvironmentStringsA

user32

BeginPaint
wsprintfA
TranslateMessage
SetTimer
PostQuitMessage
PostMessageA
PeekMessageA
MessageBoxA
GetParent
GetWindowTextLengthA
KillTimer

advapi32

RegEnumKeyExA
GetLengthSid
GetTokenInformation
RegEnumValueA
RegQueryValueExA
RegOpenKeyA
AllocateAndInitializeSid
SetEntriesInAclA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExA
FreeSid
RegCloseKey
RegQueryInfoKeyA

ole32

CoInitialize
OleRun
OleSetClipboard
OleSaveToStream
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b12d00a1e5826d6da2ba94b032a86863

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 100KB - Virtual size: 101KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 100KB - Virtual size: 101KB

.reloc
Size: 4KB - Virtual size: 3KB