66db0ac613cd08e343fc1f7d49b9151a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

66db0ac613cd08e343fc1f7d49b9151a_JaffaCakes118
Size

191KB
MD5

66db0ac613cd08e343fc1f7d49b9151a
SHA1

88a274c2db5aed9c44d301fddf4c5b62991d78f3
SHA256

2f206c4aa87adef895adf0af3c8f075934615d0b6007804490d79949862f9757
SHA512

0c4925090feb505e35d2d7dec14de0537ca42faefa4958038071c6f29b487ff9ec349e46122d743fade6207e0f9a792f63e024fadc8964ed5e6aea296411fb5f
SSDEEP

3072:OknNn5Ur+pyqj1LWr289k2ipEADxj8t5UK8CAxVOOA4JIA/QdEfFvLeb:TnN5ZHorLH7ADxj8t5eCAxVOOyA/EEte

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66db0ac613cd08e343fc1f7d49b9151a_JaffaCakes118

Files

66db0ac613cd08e343fc1f7d49b9151a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aef0f70620d10c13ba4b8890ff432f7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueW
RegQueryValueExW
RegSetValueExW
RegEnumKeyW
DecryptFileW
RegQueryInfoKeyW
RegOpenKeyExW
RegCreateKeyExW
EncryptFileW
RegCloseKey

kernel32

FindFirstFileW
GetCalendarInfoW
GetCurrentDirectoryW
LoadLibraryW
CreateDirectoryW
GetLastError
SearchPathW
GetSystemTimeAsFileTime
UnhandledExceptionFilter
LocalAlloc
GetTickCount
SetEnvironmentVariableW
FindNextFileW
GetModuleHandleA
Sleep
MultiByteToWideChar
OutputDebugStringA
GetProcessId
GetProcAddress
UnmapViewOfFile
VirtualProtect
EnterCriticalSection
FreeLibrary
VirtualQuery
SetLastError
OpenProcess
GetLogicalDriveStringsW
InterlockedExchange
QueryDosDeviceW
ReleaseMutex
GetCurrentProcess
EnumResourceNamesA
QueryPerformanceCounter
GetFileInformationByHandle
IsWow64Process
ExitProcess
OutputDebugStringW
GetFileAttributesW
GetFileSizeEx
GetCurrentThreadId
SetUnhandledExceptionFilter
InitializeCriticalSection
SetFileAttributesW
InterlockedCompareExchange
GetModuleHandleW
WaitForSingleObject
LocalFree
lstrcmpiW
lstrlenW
CreateFileMappingW
GetModuleFileNameW
DuplicateHandle
FindClose
WideCharToMultiByte
MapViewOfFile
EncodePointer
CreateMutexW

ole32

CoGetDefaultContext
StringFromGUID2
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoTaskMemFree

gdiplus

GdipGetImageWidth
GdipDisposeImage

shlwapi

PathGetArgsW
PathSkipRootW
PathIsUNCW
StrDupW
SHRegGetValueW
PathFindFileNameW

user32

GetWindowThreadProcessId
GetGUIThreadInfo
GetPropW
AllowSetForegroundWindow
GetClassNameW
GetForegroundWindow

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aef0f70620d10c13ba4b8890ff432f7f

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

gdiplus

shlwapi

user32

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 77KB - Virtual size: 77KB

.edata Size: 1024B - Virtual size: 112KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 77KB - Virtual size: 77KB

.edata
Size: 1024B - Virtual size: 112KB