33f56e026ee274f4a6aa5ca79e4e95c7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

33f56e026ee274f4a6aa5ca79e4e95c7_JaffaCakes118
Size

58KB
MD5

33f56e026ee274f4a6aa5ca79e4e95c7
SHA1

aa1b2ea7fcce509ad5151e8a843439925545ac35
SHA256

63983567f5968f48aca3387455455adf273068556b7154038434b3acf519e8a7
SHA512

bebb93ea0609fcc7a1be580c3f01cebee6984cdeeb91e3acf16f11622df4dc350b094af4ef2d24ffc7717af690e1d80c46699da851afd07aa5d6435e6c968392
SSDEEP

1536:mKdh/9A7+SEII0f0vBFyGe2nEeH6vZsFuDnXZMP:mUk+7/0fAFQGEeavZnpMP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33f56e026ee274f4a6aa5ca79e4e95c7_JaffaCakes118

Files

33f56e026ee274f4a6aa5ca79e4e95c7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93914b3e1b40a371cf593c9fd72ce075

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
CreateIoCompletionPort
GetSystemTimeAdjustment
FormatMessageA
GlobalFree
MulDiv
FillConsoleOutputAttribute
EnumSystemLocalesA
WriteProfileSectionA
CallNamedPipeA
SetNamedPipeHandleState
VirtualFreeEx
FileTimeToLocalFileTime
WaitCommEvent
GenerateConsoleCtrlEvent
FreeEnvironmentStringsA
ResetWriteWatch
ReadFileScatter
SetCommMask
GetNamedPipeHandleStateA
SetTapePosition
SetTapeParameters
ResumeThread
GetCurrentThreadId
WriteConsoleOutputCharacterA
GetSystemInfo
SetCommTimeouts
TransmitCommChar
CreateEventA
lstrcpyn
GetFileTime
ReadFile
FindResourceA
ContinueDebugEvent
WriteFileGather
FindResourceExA
CreateMutexA
SetEndOfFile
GetProfileIntA
ConvertDefaultLocale
GetModuleFileNameA
RaiseException
ReadConsoleA
GetCurrentProcess
SetLocaleInfoA
VirtualQuery
GetPriorityClass
FlushConsoleInputBuffer
LocalSize
GlobalAddAtomA
_lwrite
GetNumberOfConsoleInputEvents

shlwapi

StrCSpnA
StrCmpNIA
PathRemoveFileSpecA
PathFileExistsA
StrPBrkA
StrSpnA
PathIsFileSpecA
SHRegCloseUSKey
PathIsSameRootA
SHRegQueryInfoUSKeyA
PathGetArgsA
HashData
SHCreateShellPalette
StrIsIntlEqualA
PathMakePrettyA
PathFindOnPathA
SHRegEnumUSValueA
AssocQueryStringA
UrlHashA
SHCreateStreamWrapper
SHGetValueA
StrChrIA
SHSkipJunction
PathRemoveBlanksA
PathFindFileNameA
PathIsRelativeA
PathIsUNCServerShareA
PathUnmakeSystemFolderA
StrFormatKBSizeA
PathSearchAndQualifyA
SHAutoComplete
UrlIsOpaqueA
PathCanonicalizeA
SHRegDeleteEmptyUSKeyA
StrRetToBufA
PathStripToRootA
SHDeleteOrphanKeyA
StrStrIA

Sections

.slgp
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jmn
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rerut
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pspst
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93914b3e1b40a371cf593c9fd72ce075

Headers

File Characteristics

Imports

kernel32

shlwapi

Sections

.slgp Size: 22KB - Virtual size: 45KB

.jmn Size: 5KB - Virtual size: 10KB

.rerut Size: 1024B - Virtual size: 1KB

.pspst Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.slgp
Size: 22KB - Virtual size: 45KB

.jmn
Size: 5KB - Virtual size: 10KB

.rerut
Size: 1024B - Virtual size: 1KB

.pspst
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB