340b487cb6e43f25232c7c805bac9aa8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

340b487cb6e43f25232c7c805bac9aa8_JaffaCakes118
Size

858KB
MD5

340b487cb6e43f25232c7c805bac9aa8
SHA1

8940f6e2e2c15a0c29a2c3730ffbee86f0070af4
SHA256

16e55146972c5e4251411a86b245cec548df6ba085bf68f9f3ff37d06610dfbd
SHA512

db948ab49c66b1d792afe1d5b83f189121cd1d01c1c854fab7a118136bf3e6848c0223164f7f91012c90a6f681dc7aaf0cda8875f9d9c8727f0a2e44c0c35ef1
SSDEEP

12288:JabvN2sr6kUFQbg85I1tJFI4SZ4OzxdsQIs61lzTl/hPicJ6+T+nhjh3x:JGvN2sCuk11tJFdqgQNSlfpO+TuVh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
340b487cb6e43f25232c7c805bac9aa8_JaffaCakes118

Files

340b487cb6e43f25232c7c805bac9aa8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46ada58c0fe7a92ca582fb2d5407a686

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathRemoveBlanksA
HashData
PathGetDriveNumberA
PathIsUNCA
PathFileExistsA
StrCSpnA
StrChrIA
UrlGetLocationA
UrlCombineA
PathQuoteSpacesA
ColorHLSToRGB
StrRChrIA
SHCreateStreamWrapper
PathSearchAndQualifyA
SHRegCreateUSKeyA
PathAppendA
StrToIntExA
StrFormatByteSize64A
SHIsLowMemoryMachine
AssocQueryStringA
PathCommonPrefixA
StrIsIntlEqualA
SHRegEnumUSKeyA
SHRegWriteUSValueA
PathStripToRootA
PathMakePrettyA
UrlIsOpaqueA
PathIsRelativeA
PathFindOnPathA
SHRegOpenUSKeyA

kernel32

MapViewOfFile
DisconnectNamedPipe
SetConsoleWindowInfo
GetFileTime
WriteProfileStringA
GetWindowsDirectoryA
FindNextChangeNotification
lstrcmpi
UTRegister
SetConsoleTextAttribute
WriteFileGather
GetPrivateProfileIntA
GlobalUnlock
GetCommModemStatus
WinExec
GetTempPathA
TlsSetValue
LocalShrink
WritePrivateProfileStringA
BackupSeek
WaitNamedPipeA
WriteFile
FindAtomA
CreateFileMappingA
GlobalFindAtomA
GetFileAttributesExA
EraseTape
SetCommTimeouts
DebugActiveProcess
FlushInstructionCache
QueryPerformanceCounter
GetDiskFreeSpaceA
DuplicateHandle
WaitCommEvent
GetCommState
RequestDeviceWakeup
FindCloseChangeNotification
GetProcessShutdownParameters
ReadFileEx
InitializeCriticalSection
VirtualFree
lstrcpy
IsDBCSLeadByteEx
lstrlen
EnumCalendarInfoA
MoveFileA
GetConsoleTitleA
IsProcessorFeaturePresent
Module32First
GetPrivateProfileSectionNamesA
IsValidCodePage
ResetEvent
HeapDestroy
PeekNamedPipe
GetProfileStringA
GetProcessAffinityMask
WriteProcessMemory
FoldStringA
UnhandledExceptionFilter
LocalAlloc

advapi32

RegDeleteValueA

Sections

.fqvq
Size: 635KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.avo
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zoned
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.slqdi
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wnmxg
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tmx
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ifgpi
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.exit
Size: 48KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dih
Size: 124KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46ada58c0fe7a92ca582fb2d5407a686

Headers

File Characteristics

Imports

shlwapi

kernel32

advapi32

Sections

.fqvq Size: 635KB - Virtual size: 1.3MB

.avo Size: 5KB - Virtual size: 5KB

.zoned Size: 19KB - Virtual size: 27KB

.slqdi Size: 512B - Virtual size: 20KB

.wnmxg Size: 6KB - Virtual size: 15KB

.tmx Size: 512B - Virtual size: 56B

.ifgpi Size: 512B - Virtual size: 24B

.exit Size: 48KB - Virtual size: 76KB

.dih Size: 124KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.fqvq
Size: 635KB - Virtual size: 1.3MB

.avo
Size: 5KB - Virtual size: 5KB

.zoned
Size: 19KB - Virtual size: 27KB

.slqdi
Size: 512B - Virtual size: 20KB

.wnmxg
Size: 6KB - Virtual size: 15KB

.tmx
Size: 512B - Virtual size: 56B

.ifgpi
Size: 512B - Virtual size: 24B

.exit
Size: 48KB - Virtual size: 76KB

.dih
Size: 124KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB