167a95427b59511a2b67efcc8446210b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

167a95427b59511a2b67efcc8446210b_JaffaCakes118
Size

172KB
MD5

167a95427b59511a2b67efcc8446210b
SHA1

6ae7add493e2e44f8d897f6abecd7a73f904986b
SHA256

2f3ba02166df9f34fbdfc95953ff32fe975c912c5899fd3e1ea72938b4397e7d
SHA512

04314a409de8fab9db0b56915395c7d3c1a1a2433241f21e757e02765c3d82375d71a9059603bf9ff7d93d058c1815858303626c7f707eba6088af334f1cf770
SSDEEP

3072:kcKyE8C+89yUuaF0YjIiaMwODmBNR0rCWiUYMAxZOWT3:DC19yUPyIwXWiUY1xgWT3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
167a95427b59511a2b67efcc8446210b_JaffaCakes118

Files

167a95427b59511a2b67efcc8446210b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e10364ff634f3eb64abaa975484e0e15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GlobalFree
lstrcpyA
GetVolumeInformationA
GetDiskFreeSpaceA
lstrlenA
RtlZeroMemory
_lclose
_llseek
_lopen
SetErrorMode
ReadFile
GetLongPathNameA
GetSystemTime
DeleteFileA
SetFileAttributesA
lstrcmpiA
GetFileAttributesA
FindNextFileA
FindFirstFileA
FileTimeToLocalFileTime
SystemTimeToFileTime
GetLocalTime
FileTimeToSystemTime
WriteFile
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
CreateMutexA
GetLastError
CreateFileA
GetWindowsDirectoryA
LCMapStringW
LCMapStringA
SetEndOfFile
SetFilePointer
CompareStringW
CloseHandle
CompareStringA
DeviceIoControl
TerminateProcess
GetCurrentProcess
HeapFree
GetTimeZoneInformation
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapAlloc
SetEnvironmentVariableA
HeapReAlloc
LoadLibraryA
GetOEMCP
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetACP
GetStringTypeA
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
GetStringTypeW
SetStdHandle
FlushFileBuffers
GetProcAddress

user32

PostMessageA
wsprintfA
IsWindow

advapi32

RegOpenKeyA
RegCloseKey
RegQueryValueExA

tmapi

ord1
ord4
ord2

clusalgo

ComputeClusterPlacement
FreeOutBuffer

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e10364ff634f3eb64abaa975484e0e15

Headers

File Characteristics

Imports

kernel32

user32

advapi32

tmapi

clusalgo

Sections

.text Size: 44KB - Virtual size: 41KB

.data Size: 20KB - Virtual size: 17KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 32KB - Virtual size: 32KB

.text Size: 68KB - Virtual size: 68KB

.text
Size: 44KB - Virtual size: 41KB

.data
Size: 20KB - Virtual size: 17KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 32KB - Virtual size: 32KB

.text
Size: 68KB - Virtual size: 68KB