1844e3bc422414e3200a6187e70cc1f6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1844e3bc422414e3200a6187e70cc1f6_JaffaCakes118
Size

59KB
MD5

1844e3bc422414e3200a6187e70cc1f6
SHA1

a3a398ccf847b80976fc2d87d59af09f4ac3ff25
SHA256

7dd61c549457a36b769a23cf0c87dedb5a082fd5b7a62e496e989ca74d0ec23c
SHA512

da3311daf9851dd1d873bdbbfddce4349077b28dc948f48d4428e632ca7c1fcb7771dec9ace1e3670087981f1bdfc42ee64818a9a757fbc4999d267e4e4bd4dd
SSDEEP

1536:Rp3Ey+QiOQdiQqFtuhfky7/i2X2JvuKRRYz:Dl+QiZdiZFHy+U2Jsz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1844e3bc422414e3200a6187e70cc1f6_JaffaCakes118

Files

1844e3bc422414e3200a6187e70cc1f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90f8abfba18be9d94e1b4facc9bf182e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHRegWriteUSValueA
PathIsUNCA
UrlCombineA
SHAutoComplete
SHRegEnumUSKeyA
SHRegCreateUSKeyA
UrlIsOpaqueA
UrlGetLocationA
PathAppendA
StrCSpnA
StrToIntExA
StrChrIA
PathFileExistsA
SHDeleteValueA
PathRemoveBlanksA
PathCommonPrefixA
PathSearchAndQualifyA
PathStripToRootA
SHCreateStreamWrapper
PathIsFileSpecA
StrSpnA
SHRegOpenUSKeyA
PathGetDriveNumberA
AssocQueryStringA
PathMakePrettyA
SHIsLowMemoryMachine
StrIsIntlEqualA
StrFormatByteSize64A
PathQuoteSpacesA

kernel32

BuildCommDCBA
_lclose
VirtualQueryEx
SetEvent
GetTimeZoneInformation
SetProcessShutdownParameters
lstrcmp
InterlockedIncrement
SetConsoleWindowInfo
CallNamedPipeA
GetComputerNameA
UnlockFileEx
GlobalUnlock
SearchPathA
GlobalLock
WriteConsoleOutputAttribute
AreFileApisANSI
GetStringTypeExA
CommConfigDialogA
FindAtomA
CopyFileA
DuplicateHandle
_hread
GlobalAddAtomA
LocalShrink
WriteProfileStringA
GetCommState
EnumDateFormatsA
DeleteFileA
LocalAlloc
GetTapeParameters
SystemTimeToTzSpecificLocalTime
AddAtomA
GetOverlappedResult
CreateThread
LocalLock
InterlockedExchange
VirtualAlloc
GetLogicalDriveStringsA
GetNumberFormatA
FlushInstructionCache
OpenEventA
FreeLibrary
FoldStringA
GetNamedPipeHandleStateA
FileTimeToLocalFileTime
CompareStringA
ContinueDebugEvent
SwitchToFiber
MapViewOfFile
CreateFiber
WaitNamedPipeA
SetupComm
WriteProcessMemory
FillConsoleOutputAttribute
WaitForMultipleObjects
SetTapeParameters
ReadConsoleA
FindFirstFileA
SetMailslotInfo
ExitProcess

advapi32

CryptSetKeyParam

Sections

.fqf
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hkzul
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uhi
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xgdix
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90f8abfba18be9d94e1b4facc9bf182e

Headers

File Characteristics

Imports

shlwapi

kernel32

advapi32

Sections

.fqf Size: 22KB - Virtual size: 45KB

.hkzul Size: 5KB - Virtual size: 10KB

.uhi Size: 1024B - Virtual size: 1KB

.xgdix Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.fqf
Size: 22KB - Virtual size: 45KB

.hkzul
Size: 5KB - Virtual size: 10KB

.uhi
Size: 1024B - Virtual size: 1KB

.xgdix
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB