225b30aab588a9b0281742980db8f3de_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

225b30aab588a9b0281742980db8f3de_JaffaCakes118
Size

858KB
MD5

225b30aab588a9b0281742980db8f3de
SHA1

9fc0f24b6c192545cdba00136707813207bbdd16
SHA256

1841fa235f1aca42b7064a3f47fcfd5b72d89ca133eb69ca5d20fb9c2147e8fd
SHA512

9edb52ab66a3aee10ace0bf33354a22f660d13c379c876fbdc28bef25933e81066a1e51697c5141d6b256c2ac018bb07dd00badce2bfc31e28a9dc3beade99b8
SSDEEP

12288:D3BluDPp/2AQVMZvB8cHJ425VZMPYRQ+lUykWQvtCniMpLkQaLZHoi6Dl/AZR+4y:/AhO2nVZcYWjyQvtCRk1I1Dl/ATFlQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
225b30aab588a9b0281742980db8f3de_JaffaCakes118

Files

225b30aab588a9b0281742980db8f3de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5144827ed82fe028a6e5785c139b3bee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathMakePrettyA
StrRChrIA
PathIsRelativeA
SHAutoComplete
PathRemoveBlanksA
StrCSpnA
ColorHLSToRGB
PathSearchAndQualifyA
PathFindOnPathA
PathStripToRootA
SHRegCreateUSKeyA
SHRegEnumUSKeyA
StrToIntExA
SHCreateStreamWrapper
SHDeleteValueA
StrChrIA
PathIsUNCA
SHIsLowMemoryMachine
PathQuoteSpacesA
PathCommonPrefixA
PathAppendA
AssocQueryStringA
PathGetDriveNumberA
PathFileExistsA
StrIsIntlEqualA
SHRegWriteUSValueA
UrlGetLocationA
UrlIsOpaqueA
SHRegOpenUSKeyA

kernel32

SetTapeParameters
GetTapeStatus
UnlockFileEx
GetConsoleOutputCP
SetProcessAffinityMask
InterlockedExchange
VirtualProtectEx
IsValidCodePage
GetDefaultCommConfigA
GetProfileIntA
VirtualQueryEx
SearchPathA
SystemTimeToTzSpecificLocalTime
FoldStringA
OpenSemaphoreA
FindAtomA
SetCommTimeouts
_hread
HeapDestroy
GetSystemDirectoryA
WaitNamedPipeA
VirtualLock
ReadConsoleA
GetSystemTimeAdjustment
ContinueDebugEvent
GlobalAddAtomA
OpenProcess
GetTempPathA
GetDiskFreeSpaceA
CompareStringA
WaitCommEvent
SetConsoleActiveScreenBuffer
ExpandEnvironmentStringsA
Heap32First
WriteConsoleInputA
GetAtomNameA
SetConsoleTextAttribute
InterlockedIncrement
CommConfigDialogA
GetCurrentThreadId
GetShortPathNameA
GlobalLock
SetConsoleWindowInfo
IsBadWritePtr
ResetEvent
LoadModule
EraseTape
RequestDeviceWakeup
Thread32Next
GetProfileStringA
GetCommState
TlsFree
LocalFree
PrepareTape
GetCommModemStatus
LocalAlloc
UpdateResourceA
IsProcessorFeaturePresent
lstrcmpi
GetFileTime
_lclose

advapi32

GetExplicitEntriesFromAclA

Sections

.relwd
Size: 635KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.onoj
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.angl
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ito
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ibc
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pmnkv
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.upi
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fab
Size: 48KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pavg
Size: 124KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5144827ed82fe028a6e5785c139b3bee

Headers

File Characteristics

Imports

shlwapi

kernel32

advapi32

Sections

.relwd Size: 635KB - Virtual size: 1.3MB

.onoj Size: 5KB - Virtual size: 5KB

.angl Size: 19KB - Virtual size: 27KB

.ito Size: 512B - Virtual size: 20KB

.ibc Size: 6KB - Virtual size: 15KB

.pmnkv Size: 512B - Virtual size: 56B

.upi Size: 512B - Virtual size: 24B

.fab Size: 48KB - Virtual size: 76KB

.pavg Size: 124KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.relwd
Size: 635KB - Virtual size: 1.3MB

.onoj
Size: 5KB - Virtual size: 5KB

.angl
Size: 19KB - Virtual size: 27KB

.ito
Size: 512B - Virtual size: 20KB

.ibc
Size: 6KB - Virtual size: 15KB

.pmnkv
Size: 512B - Virtual size: 56B

.upi
Size: 512B - Virtual size: 24B

.fab
Size: 48KB - Virtual size: 76KB

.pavg
Size: 124KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB