0e97ea3cd95ed3216a56a10cf7afd9bd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0e97ea3cd95ed3216a56a10cf7afd9bd_JaffaCakes118
Size

17KB
MD5

0e97ea3cd95ed3216a56a10cf7afd9bd
SHA1

48775b52cb2b7d3ba862eac9d06297a0cdec17f3
SHA256

464c28f008574d54e3180a3edd62a200bd8f041599ef81e25ea83dcce0d3ceb0
SHA512

b49e956de4cd78460100f5cd49300afbf1529e05d767199fade9b7c6747e5e224a92375adcbca835c8a004e2732fcd055da2c052ec598ac68b950a83fa5027c3
SSDEEP

192:AVtWy/qWRrCHk1f2ELbz3fSDwKRUk9oDqIbSdvvB:a/ZCE1fzSDDUk9oD9q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e97ea3cd95ed3216a56a10cf7afd9bd_JaffaCakes118

Files

0e97ea3cd95ed3216a56a10cf7afd9bd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ad851f4f9c8a674d0032533327461391

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA
SHGetPathFromIDListA
ShellExecuteA
SHFileOperationA
SHGetMalloc
SHGetSpecialFolderLocation
SHBrowseForFolderA

kernel32

CloseHandle
GetCommandLineA
FormatMessageA
WriteFile
InterlockedExchange
LCMapStringW
GetLongPathNameW
TermsrvAppInstallMode
GlobalMemoryStatusEx
ReadFile
GetLogicalDriveStringsA
GetStringTypeW
SetLastError
GetThreadLocale
FreeEnvironmentStringsW
CreateFileA
MapViewOfFile
CompareFileTime
SetFilePointer
GetCurrentProcessId
GlobalWire
OpenThread
HeapAlloc
GetFileSizeEx
LCMapStringA
HeapFree
CreateDirectoryExW
GetDiskFreeSpaceW
SetInformationJobObject
GetProcessHeap
CreateProcessA
HeapReAlloc
GetProcAddress
CreateFileW
FreeLibrary
GetTempFileNameW
ReleaseSemaphore
GetTempPathW
DuplicateHandle
GetStartupInfoA
CreateFileMappingA
GetStringTypeA
GetTempPathA
RaiseException
SetConsoleWindowInfo
LocalFree
DeviceIoControl
GetShortPathNameW
SearchPathA
SearchPathW
GetFileSize
ExitProcess

ole32

CoLockObjectExternal
CoQueryClientBlanket
OleBuildVersion
CreateDataAdviseHolder

advapi32

RegEnumValueA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 139KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad851f4f9c8a674d0032533327461391

Headers

File Characteristics

Imports

shell32

kernel32

ole32

advapi32

version

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 5KB - Virtual size: 118KB

.debug Size: 3KB - Virtual size: 3KB

.pdata Size: 139KB - Virtual size: 247KB

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 5KB - Virtual size: 118KB

.debug
Size: 3KB - Virtual size: 3KB

.pdata
Size: 139KB - Virtual size: 247KB