624266d4df9ee4b4c6aa571f6790d3e8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

624266d4df9ee4b4c6aa571f6790d3e8_JaffaCakes118
Size

180KB
MD5

624266d4df9ee4b4c6aa571f6790d3e8
SHA1

20001beac951ca85ba695a5462b8ec2e97aca1bd
SHA256

cd6a4fa41619e9d1af7f29b5a12dc5e95244390e99964c2f62ec636875bbd109
SHA512

ae2b870e4f1812a28bdc8f7e4b488fa5174e117685148b8339cb43874a2aa2f60beb522503842d985266b5b3e4c95b82e9377f3ffecaea71907ba19938f062d0
SSDEEP

3072:6E6zUlfK0oRNL6GfrHzOBiLlIWGSb0BPD+/DKOejmnADASOilmF/Su:XnEDRNV7zOBiLlIPTPy7KOu2A0ilmF/J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
624266d4df9ee4b4c6aa571f6790d3e8_JaffaCakes118

Files

624266d4df9ee4b4c6aa571f6790d3e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c1eb369f00b6b30636584a55035bc845

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
SetFileAttributesW
GetLogicalDriveStringsW
GetCurrentProcess
UnmapViewOfFile
SetUnhandledExceptionFilter
GetCalendarInfoW
SearchPathW
OpenProcess
Sleep
LocalFree
LoadLibraryW
lstrcmpiW
GetCurrentThreadId
QueryPerformanceCounter
EncodePointer
CreateFileMappingW
GetCurrentDirectoryW
InterlockedExchange
GetLastError
MapViewOfFile
MultiByteToWideChar
OutputDebugStringW
QueryDosDeviceW
GetFileInformationByHandle
DuplicateHandle
InterlockedCompareExchange
GetProcessId
ReleaseMutex
GetFileAttributesW
LocalAlloc
CreateDirectoryW
lstrlenW
GetTickCount
EnumResourceNamesA
VirtualProtect
OutputDebugStringA
GetModuleHandleA
GetModuleHandleW
VirtualQuery
SetLastError
WaitForSingleObject
WideCharToMultiByte
GetModuleFileNameW
EnterCriticalSection
InitializeCriticalSection
FreeLibrary
GetSystemTimeAsFileTime
FindFirstFileW
IsWow64Process
ExitProcess
GetProcAddress
UnhandledExceptionFilter
FindClose
SetEnvironmentVariableW
GetFileSizeEx
CreateMutexW

advapi32

RegQueryValueExW
RegEnumValueW
RegSetValueExW
RegCreateKeyExW
DecryptFileW
EncryptFileW
RegOpenKeyExW
RegEnumKeyW
RegQueryInfoKeyW
RegCloseKey

ole32

CoGetDefaultContext
StringFromGUID2
CoTaskMemAlloc
CoUninitialize
CoInitialize
CoTaskMemFree

gdiplus

GdipGetImageWidth
GdipDisposeImage

user32

GetClassNameW
GetWindowThreadProcessId
GetGUIThreadInfo
GetPropW
AllowSetForegroundWindow
GetForegroundWindow

shlwapi

SHRegGetValueW
StrDupW
PathSkipRootW
PathGetArgsW
PathIsUNCW
PathFindFileNameW

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1eb369f00b6b30636584a55035bc845

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

gdiplus

user32

shlwapi

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 71KB - Virtual size: 70KB

.edata Size: 1024B - Virtual size: 244KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 71KB - Virtual size: 70KB

.edata
Size: 1024B - Virtual size: 244KB