0f06009f4844841302e94910ffb80e10_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f06009f4844841302e94910ffb80e10_JaffaCakes118
Size

53KB
MD5

0f06009f4844841302e94910ffb80e10
SHA1

57a6eaff202b1b6985719f15830e8ad94d988c0a
SHA256

f8e4eb4eef3aa45819e6d5c6aeffeeb7b762599b9f790e7c7ce829853bfafbee
SHA512

b94d63bb21b0114a60e528f22fc33b1e983c7fff48efb6e2a8733ae1338a2d656e7be1863ef48a8cf50e1d9b05f990742187904b3763ec6d80c005efda009433
SSDEEP

768:AJ16fCZFdLqy+fKgSnbljAEqTAJbVKlqV4GjoL2nUahIZJgc1oM2vBKdYRpeWYBO:fCZfGE1bvUl2a2nbsJhiBKC4PD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f06009f4844841302e94910ffb80e10_JaffaCakes118

Files

0f06009f4844841302e94910ffb80e10_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c140cc465bb3716f0d9a9a6f8064994c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
ReadFile
GetCommandLineA
MoveFileExW
GlobalUnlock
CreateFileMappingW
GlobalLock
SetFileTime
SetEvent
Sleep
WaitForSingleObject
CreateMutexW
lstrcmpiA
FindClose
lstrcatA
lstrcpynW
lstrcpyW
CopyFileW
lstrlenA
SystemTimeToFileTime
UnmapViewOfFile
lstrcatW
GetComputerNameW
GetModuleFileNameW
GetLastError
GetCurrentThreadId
FlushFileBuffers
GetSystemTime
OpenProcess
HeapReAlloc
CreateThread
MapViewOfFile
GetDriveTypeW
SetFilePointer
CloseHandle
GetExitCodeProcess
GetFileTime
HeapFree
SetLastError
WriteProcessMemory
IsBadReadPtr
EnterCriticalSection
GetFileSize
GetSystemTimeAsFileTime
HeapAlloc
ExpandEnvironmentStringsW
CreateFileW
CreateEventW
GetModuleHandleA
GetTickCount
GetLocalTime
GetProcessTimes
FindResourceW
GetVersionExW
GetTempPathW
WriteFile
GetProcessHeap
GetUserDefaultUILanguage
InitializeCriticalSection
OpenMutexW
MultiByteToWideChar
SetEndOfFile
ReleaseMutex
GetCurrentProcessId
GetTempFileNameW
FindNextFileW
DisconnectNamedPipe
CreateDirectoryW
ResetEvent
GetModuleFileNameA
lstrcmpiW
GetFileSizeEx
DeleteFileW
lstrlenW
SetThreadPriority
WideCharToMultiByte
SetFileAttributesW
GetThreadPriority
FindFirstFileW
GetTimeZoneInformation
lstrcpyA
GetLogicalDrives
CreateProcessW

user32

GetMessageA
GetDlgItemTextA
CloseDesktop
GetKeyboardState
SetProcessWindowStation
GetMessageW
GetDlgItemTextW

Sections

.kxwnop
Size: 18KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.avqdwn
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udohkd
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.naf
Size: 26KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c140cc465bb3716f0d9a9a6f8064994c

Headers

File Characteristics

Imports

kernel32

user32

Sections

.kxwnop Size: 18KB - Virtual size: 39KB

.avqdwn Size: 5KB - Virtual size: 10KB

.udohkd Size: 1024B - Virtual size: 1KB

.naf Size: 26KB - Virtual size: 132KB

.rsrc Size: 1KB - Virtual size: 4KB

.kxwnop
Size: 18KB - Virtual size: 39KB

.avqdwn
Size: 5KB - Virtual size: 10KB

.udohkd
Size: 1024B - Virtual size: 1KB

.naf
Size: 26KB - Virtual size: 132KB

.rsrc
Size: 1KB - Virtual size: 4KB