0f8de69f651da6bd08b8a7eeb5b9b04a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0f8de69f651da6bd08b8a7eeb5b9b04a_JaffaCakes118
Size

88KB
MD5

0f8de69f651da6bd08b8a7eeb5b9b04a
SHA1

42e8729d81bf4a076e215b73547ffa707ba12d00
SHA256

afc53d4f8af0881071e9af0ae5cd0b45f5909cf03a0825ee15338b784f4fc595
SHA512

4bfefdc69960e640f4ddd872c9b0499569ebf8b8a7eddd9b1ce22303defdcb536a28c9aab2b598a655b97871c56068a7b1360f7996df5031f15b5c3654e133cd
SSDEEP

1536:V+MryEGp/3y7xD6nPhcc75rSigvRrqhdnhHxz//rsFQ6yR9o+:V+Mrrv7xmqw0BvR2hdJd/rmDyR9o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f8de69f651da6bd08b8a7eeb5b9b04a_JaffaCakes118

Files

0f8de69f651da6bd08b8a7eeb5b9b04a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f593ef81376e00503f8c429df4d5dac7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
FreeLibrary
CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
lstrcatA
lstrcpyA
lstrcpynA
lstrcmpA
lstrlenA
GetComputerNameA
GetLogicalDriveStringsA
GetLastError
Process32Next
Process32First
CreateToolhelp32Snapshot
TerminateProcess
OpenProcess
Sleep
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
SetStdHandle
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
ReadFile
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
FlushFileBuffers
VirtualAlloc
SetEndOfFile
VirtualFree
GetVersion
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetSystemDirectoryA
GetCurrentDirectoryA
SetFileAttributesA
DeleteFileA
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
SetFilePointer
GetCurrentProcess
DebugBreak
GetStdHandle
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
HeapAlloc
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate

user32

GetClipboardData
CloseClipboard
GetForegroundWindow
GetWindowTextA
GetAsyncKeyState
GetKeyState
wsprintfA
IsCharAlphaNumericA
MessageBoxA
PostQuitMessage
DefWindowProcA
CreateWindowExA
ShowWindow
UpdateWindow
SetTimer
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
OpenClipboard

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegSetValueA
RegCreateKeyA
RegSetValueExA

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f593ef81376e00503f8c429df4d5dac7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 66KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 66KB

.rsrc
Size: 4KB - Virtual size: 2KB