0b6a269f0d4a319d8cbe9b145acb3da9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0b6a269f0d4a319d8cbe9b145acb3da9_JaffaCakes118
Size

127KB
MD5

0b6a269f0d4a319d8cbe9b145acb3da9
SHA1

ec24f1e0a271df146b0488d5387df5cdf9d42358
SHA256

d013aeb7487f9abcdb8a0494a3fd6408abf439dba382994ef0478757341be6b9
SHA512

54d5ae931a26be7a3dfd6e1f391a8acae82d6bb83fd17436e962b4ceb35548b034ee506ed2db7ccc68bdbcb9990fd3715db6600a3ad9339826fc031372ca4342
SSDEEP

3072:QOg+gSW+QVRLK3lGPDvIJw+Bmw5wE3JkbFgVlPE5/ahFG1:QO9rQDwlswJwESEamxE5R1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b6a269f0d4a319d8cbe9b145acb3da9_JaffaCakes118

Files

0b6a269f0d4a319d8cbe9b145acb3da9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7f1cc946b0fe2cdd847cac8de34840b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameW
GetDiskFreeSpaceExW
lstrcmpiW
DeviceIoControl
SetCurrentDirectoryW
GetLogicalDriveStringsW
GetTempPathW
QueryDosDeviceW
FindClose
SetHandleContext
InterlockedDecrement
GlobalAlloc
InterlockedIncrement
CreateDirectoryW
CloseHandle
SetUnhandledExceptionFilter
WideCharToMultiByte
WriteFile
TerminateProcess
GetPrivateProfileStringW
lstrcmpW
GetDateFormatW
VirtualQuery
GetCurrentThreadId
HeapAlloc
GetCommandLineW
CreateProcessW
ReleaseMutex
FindNextFileW
GetCurrentDirectoryW
CreateFileW
GetProcessHeap
GetTimeFormatW
FormatMessageA
FreeLibrary
GetDriveTypeW
lstrlenW
FindFirstFileW
GetCurrentThreadId
GetThreadContext
LocalAlloc
GetStartupInfoA
ReadFile
CopyFileW
Sleep
OpenMutexW
MultiByteToWideChar
SetLastError
UnhandledExceptionFilter
lstrlenA
FormatMessageW
GetProcAddress
QueryPerformanceCounter
GetPrivateProfileIntW
GetModuleFileNameW
GetPrivateProfileSectionW
HeapFree
GetExitCodeProcess
OpenEventW
HeapReAlloc
GetModuleHandleA
WaitForSingleObject
CreateMutexW
GetVolumeInformationW
InterlockedExchange
GetFileAttributesW
GlobalFree
GetCurrentProcess
GetLastError
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
DeleteFileW
HeapSize
RaiseException
LoadLibraryW
GetVersionExA
SetFilePointer
ExpandEnvironmentStringsW
IsValidLocale
LocalFree
LocalReAlloc
GetWindowsDirectoryW
GetModuleHandleA
GetSystemDirectoryW

oleaut32

RegisterActiveObject
DllUnregisterServer
GetActiveObject

ole32

CreateItemMoniker
CoUninitialize
CoInitialize
GetRunningObjectTable
CoTaskMemFree
CoCreateInstance

shell32

Shell_NotifyIconA

advapi32

SetSecurityDescriptorDacl
DeregisterEventSource
InitializeSecurityDescriptor
RegisterEventSourceA
RegisterServiceCtrlHandlerA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wxnkkk
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 108KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f1cc946b0fe2cdd847cac8de34840b0

Headers

File Characteristics

Imports

kernel32

oleaut32

ole32

shell32

advapi32

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: 6KB - Virtual size: 9KB

.wxnkkk Size: 3KB - Virtual size: 3KB

.edata Size: 108KB - Virtual size: 119KB

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 6KB - Virtual size: 9KB

.wxnkkk
Size: 3KB - Virtual size: 3KB

.edata
Size: 108KB - Virtual size: 119KB