24ab2c65b19f91a79605968164cc7b61_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

24ab2c65b19f91a79605968164cc7b61_JaffaCakes118
Size

1.4MB
MD5

24ab2c65b19f91a79605968164cc7b61
SHA1

77ec6f339553e73200a57ef7f9caeb689174413a
SHA256

2000dfb2965c171838e6235431c841c9f11cca40658acf6bace7a662d973130a
SHA512

67aef32ae861f89f300992a90a2ad82d85a0e1a01b9b486c613faebde7b341a76a0ed57d9e35a64c5281d9d1795a058553617ab98b54e78a3770e4d9e1b1ca73
SSDEEP

24576:9VFMATyUCdO1uRm2geToYWAz44MN5Ru42WsphTCHa:9YATSd7RmzeTqAzPMN5RuthTIa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24ab2c65b19f91a79605968164cc7b61_JaffaCakes118

Files

24ab2c65b19f91a79605968164cc7b61_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b0e8fd2fb7cd98df9c4805916b46cca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
FindFirstFileW
SetFileAttributesW
CreateFileA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
InterlockedDecrement
InterlockedIncrement
TerminateProcess
GetExitCodeProcess
ReleaseMutex
OpenMutexW
CreateMutexW
ExpandEnvironmentStringsW
RemoveDirectoryW
GetComputerNameW
GetCurrentProcess
GetModuleHandleW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetCurrentProcessId
MoveFileExW
lstrlenW
GetStartupInfoW
LocalFree
WriteFile
CreateFileW
GetTempFileNameW
GetModuleFileNameW
GetProcAddress
CreateDirectoryW
SetFilePointer
DeleteFileW
FindResourceW
CopyFileW
MultiByteToWideChar
MoveFileW
WaitForSingleObject
GetTickCount
GetFileAttributesW
CreateProcessW
CloseHandle
SetEvent
GetLongPathNameW
GetTempPathW
CreateEventW
FindResourceExW
LoadResource
LockResource
SizeofResource
FlushFileBuffers
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
VirtualAlloc
VirtualFree
HeapCreate
LCMapStringW
WideCharToMultiByte
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
LoadLibraryA
FindClose
SetLastError
VerifyVersionInfoW
VerSetConditionMask
GetLastError
GetModuleFileNameA
GetStdHandle
InitializeCriticalSection
GetSystemTimeAsFileTime
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetModuleHandleA
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
Sleep

advapi32

GetSidSubAuthority
GetSidSubAuthorityCount
LookupAccountSidW
GetTokenInformation
OpenProcessToken
LookupAccountNameW
ConvertSidToStringSidW
CopySid
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

ole32

CoUninitialize
CoCreateInstance
CoInitialize

shell32

SHGetFolderPathW

shlwapi

PathRemoveFileSpecW
SHDeleteKeyW

user32

UnregisterClassA

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b0e8fd2fb7cd98df9c4805916b46cca

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

shell32

shlwapi

user32

version

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 22KB - Virtual size: 24KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 22KB - Virtual size: 24KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB