489a972352069b8de416cf62cf4f158d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

489a972352069b8de416cf62cf4f158d_JaffaCakes118
Size

12KB
MD5

489a972352069b8de416cf62cf4f158d
SHA1

d997f7dee2a7cbe319abcb58511c700b8c8c471d
SHA256

ca3d091d01327d7be2a82d8005972c7bdb9b37fbc7d782eb43b3ba2714f4eddb
SHA512

df58042de62040e9e72ade1e635ade44161841c17262b3a046603771396aa884041356e841507bf561eb8dd9440d31ed6ef508853d098ce1fb77c61b8e326765
SSDEEP

192:0ntcfqqd65dEh1KxFTNDxDdP1HHaU1jwgWex:0ntqJyBzTNX1afex

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
489a972352069b8de416cf62cf4f158d_JaffaCakes118

Files

489a972352069b8de416cf62cf4f158d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9a9322327c1f6c71d6db9c30c9858a23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DeregisterEventSource
SetSecurityDescriptorDacl
RegisterEventSourceA
InitializeSecurityDescriptor
RegisterServiceCtrlHandlerA

ole32

CreateItemMoniker
CoCreateInstance
CoInitialize
CoTaskMemFree
CoUninitialize
GetRunningObjectTable

kernel32

InterlockedIncrement
GetPrivateProfileIntW
LocalReAlloc
QueryPerformanceCounter
OpenMutexW
lstrlenA
GetLastError
FreeLibrary
RaiseException
FormatMessageW
CopyFileW
GetCurrentProcessId
GetDiskFreeSpaceExW
ExpandEnvironmentStringsW
GetFullPathNameW
ReadFile
GetCurrentProcess
lstrlenW
GetCommandLineW
SetFilePointer
FormatMessageA
SetLocalTime
GetWindowsDirectoryW
DeviceIoControl
GetVolumeInformationW
OpenSemaphoreA
DeleteFileW
GetSystemDirectoryW
OpenEventW
GetProcAddress
HeapFree
LocalAlloc
HeapAlloc
WideCharToMultiByte
GetModuleHandleA
GetStartupInfoA
GetDateFormatW
IsValidLocale
HeapSize
GetFileAttributesW
SetLastError
MultiByteToWideChar
ReleaseMutex
GetPrivateProfileSectionW
CreateMutexW
CloseHandle
GlobalWire
FindResourceA
FlushViewOfFile
GetLogicalDriveStringsW
GetTickCount
Sleep
GlobalAlloc
UnhandledExceptionFilter
GetExitCodeProcess
GlobalFree
SetCurrentDirectoryW
OpenFileMappingW
QueryDosDeviceW
InterlockedDecrement
GetTimeFormatW
lstrcmpW
GetTempPathW
SetUnhandledExceptionFilter
LocalFree
GetDriveTypeW
WriteFile
InterlockedExchange
HeapReAlloc
GetSystemTimeAsFileTime
SetVolumeLabelA
GetProcessHeap
GetCurrentThreadId
GetModuleFileNameW
CreateDirectoryW
CreateFileW
GetPrivateProfileStringW
lstrcmpiW

shell32

Shell_NotifyIconA

oleaut32

DllUnregisterServer
RegisterActiveObject
GetActiveObject

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ecgt
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 140KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a9322327c1f6c71d6db9c30c9858a23

Headers

File Characteristics

Imports

advapi32

ole32

kernel32

shell32

oleaut32

Sections

.text Size: 9KB - Virtual size: 9KB

.data Size: 5KB - Virtual size: 115KB

.ecgt Size: 3KB - Virtual size: 3KB

.edata Size: 140KB - Virtual size: 271KB

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 5KB - Virtual size: 115KB

.ecgt
Size: 3KB - Virtual size: 3KB

.edata
Size: 140KB - Virtual size: 271KB