Static task: static1
Behavioral task: behavioral1
Sample: 46c7da97f16259fda1fccd3cb564edb0_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 46c7da97f16259fda1fccd3cb564edb0_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 46c7da97f16259fda1fccd3cb564edb0_JaffaCakes118
Size: 59KB
MD5: 46c7da97f16259fda1fccd3cb564edb0
SHA1: a5930dd7158304f86acf6d625574a90cc53d540c
SHA256: d8013be232070ff5b8be5971b5fe70a1f25d71cf2219b04c18144a9580e1be9c
SHA512: 28a4d0e80592a97dd145e0e69c9aba5ba258ba26d5fc73f538964ad87ae50e7d15528fcb9d0eb73a9a0572c4a862e38abbb67b731e3aebab18144b0a148299db
SSDEEP: 1536:J+tKMH+E6cH3nVypvlynFdwNARz8MsU/VDn:UZ603VypvojtDn
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 46c7da97f16259fda1fccd3cb564edb0_JaffaCakes118
Files
46c7da97f16259fda1fccd3cb564edb0_JaffaCakes118.exe windows:4 windows x86 arch:x86
7db1a810161714d996d7c3a4fcbece0d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
PrepareTape
IsBadHugeReadPtr
GlobalCompact
AreFileApisANSI
GetDefaultCommConfigA
HeapDestroy
TlsSetValue
GetTapeStatus
GlobalFindAtomA
CreateFiber
GetConsoleOutputCP
SetSystemTime
InterlockedExchange
CompareStringA
SetConsoleTextAttribute
GetWindowsDirectoryA
GetCurrentThreadId
LocalAlloc
CreateThread
GetDiskFreeSpaceA
MapViewOfFile
GetCommandLineA
InterlockedIncrement
SystemTimeToTzSpecificLocalTime
WritePrivateProfileStringA
UnhandledExceptionFilter
GetVersionExA
CloseHandle
SetTapeParameters
HeapCompact
VirtualProtectEx
DisconnectNamedPipe
GetFileTime
ResumeThread
FlushConsoleInputBuffer
QueueUserAPC
GetShortPathNameA
ExpandEnvironmentStringsA
OpenFileMappingA
WriteConsoleInputA
FindResourceA
SetConsoleActiveScreenBuffer
GetOverlappedResult
LocalFree
GetCommModemStatus
LocalUnlock
SetConsoleOutputCP
EnumCalendarInfoA
OpenEventA
FreeConsole
GetPrivateProfileIntA
InterlockedCompareExchange
WinExec
LocalLock
GetSystemTimeAdjustment
SetConsoleCursorPosition
CreateMailslotA
SetFileApisToOEM
SetFilePointer
lstrcpyn
OpenSemaphoreA
shlwapi
SHRegOpenUSKeyA
PathAppendA
StrCSpnA
ColorHLSToRGB
PathFindOnPathA
PathIsRelativeA
StrFormatByteSize64A
PathRemoveBlanksA
SHDeleteValueA
PathIsFileSpecA
PathGetDriveNumberA
PathStripToRootA
HashData
UrlCombineA
PathCommonPrefixA
SHCreateStreamWrapper
UrlIsOpaqueA
UrlGetLocationA
PathQuoteSpacesA
PathFileExistsA
StrSpnA
SHAutoComplete
PathSearchAndQualifyA
StrIsIntlEqualA
SHRegWriteUSValueA
StrChrIA
SHRegEnumUSKeyA
PathIsUNCA
SHRegCreateUSKeyA
advapi32
CryptContextAddRef
Sections
.nmz Size: 22KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xyta Size: 5KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.haz Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.fur Size: 27KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ