163ec184a1891075be0e1d498a93f202_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

163ec184a1891075be0e1d498a93f202_JaffaCakes118
Size

380KB
MD5

163ec184a1891075be0e1d498a93f202
SHA1

bf72c61513bc4d63b4a43833dbff5ec2d88a8e74
SHA256

113c06a8b3f2d81eb93da5ce87274c2cbf293ed574daa058a4b0df9a2b6c1a2f
SHA512

6074f312bc756459dc3c4fa4d129bba277ef8ceedf5a26358668b525f27f49bccb97fa863805696eee129d6aa41a955164152902c7a4d95e2bb27ca7ce97a6e8
SSDEEP

6144:GnaND/R3slT9LMDExfOF6WME6hTWlWw7v7Hzd5g0RmRFAnpJRz/tyz/1sqN:NRR3aLMDDV6YlWwfHjg0oWpJ3yz/1sqN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
163ec184a1891075be0e1d498a93f202_JaffaCakes118

Files

163ec184a1891075be0e1d498a93f202_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa0d09eeeafbd87815f5c9177f405f2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GetNamedPipeInfo
TlsFree
CommConfigDialogA
RtlUnwind
GetVersion
WriteConsoleA
GetCurrentProcess
GetLastError
VirtualAlloc
UnhandledExceptionFilter
SetLastError
HeapReAlloc
GetCurrentThread
WriteConsoleOutputW
GetCommandLineA
CopyFileExA
TlsSetValue
GetModuleFileNameA
DeleteCriticalSection
GetStringTypeW
ExitProcess
FreeEnvironmentStringsW
GetStringTypeA
InitializeCriticalSection
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
GetOEMCP
GlobalGetAtomNameW
LCMapStringW
QueryPerformanceCounter
InterlockedCompareExchange
MultiByteToWideChar
GetStartupInfoA
WriteFile
GetCurrentThreadId
WaitForMultipleObjects
HeapAlloc
GetEnvironmentStringsW
HeapFree
CompareStringA
VirtualFree
GetCurrentProcessId
GetExitCodeProcess
HeapCreate
GetStdHandle
GetPrivateProfileIntA
LCMapStringA
GetFileSize
GetACP
HeapDestroy
VirtualProtect
SetHandleCount
TlsGetValue
FillConsoleOutputCharacterW
GlobalUnfix
GetModuleHandleA
GetTempPathW
FreeEnvironmentStringsA
UnlockFileEx
GetLocaleInfoW
WideCharToMultiByte
SetConsoleCursorInfo
GetNumberFormatA
SetConsoleCtrlHandler
IsBadWritePtr
GetProcAddress
GetCPInfo
GetEnvironmentStrings
FindResourceExW
TlsAlloc
InterlockedExchange
LeaveCriticalSection
TerminateProcess
GetFileType
VirtualQuery

advapi32

AbortSystemShutdownA
RegEnumKeyW
RegSetValueA
CryptContextAddRef
LookupAccountSidA
RegSetValueW
CryptVerifySignatureW
CryptSetProviderW
CryptGenKey
LookupPrivilegeValueW
LogonUserA
RegLoadKeyW
CryptImportKey

shell32

SHFreeNameMappings
ExtractIconA
SHGetPathFromIDListA
DragAcceptFiles
SHGetFileInfoA
SHGetMalloc
SHGetFileInfoW
ShellExecuteW
SHGetDataFromIDListW
SHFileOperationW
SHGetPathFromIDListW
RealShellExecuteW
SHGetDiskFreeSpaceA
RealShellExecuteA
FindExecutableW
CommandLineToArgvW
SHAppBarMessage
ExtractAssociatedIconExW
DoEnvironmentSubstA
DragQueryFileA

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 266KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa0d09eeeafbd87815f5c9177f405f2b

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

Sections

.text Size: 102KB - Virtual size: 102KB

.data Size: 266KB - Virtual size: 297KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 102KB - Virtual size: 102KB

.data
Size: 266KB - Virtual size: 297KB

.rsrc
Size: 10KB - Virtual size: 10KB