77fc0e0e55f754b80c9ad41898995fc3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

77fc0e0e55f754b80c9ad41898995fc3_JaffaCakes118
Size

58KB
MD5

77fc0e0e55f754b80c9ad41898995fc3
SHA1

c39759e5facf915f29bcd04cea47dc333105115e
SHA256

e888345a662e2af5c33afb17df198c573efe2cedb690bf8e1b9461e5f976a71d
SHA512

a449a575bd5fdd7847b117408a14dc9161af0f5f30f29b6397a080dcf8d817a9c8b3ae1a041536699a2e9d1b58a7b7aea32e760e8255667a997691823211d5ce
SSDEEP

1536:mKdh/9A7+SEII0f0vBFyGe2nEeH6vZsFuDnXZMI:mUk+7/0fAFQGEeavZnpMI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77fc0e0e55f754b80c9ad41898995fc3_JaffaCakes118

Files

77fc0e0e55f754b80c9ad41898995fc3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93914b3e1b40a371cf593c9fd72ce075

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
CreateIoCompletionPort
GetSystemTimeAdjustment
FormatMessageA
GlobalFree
MulDiv
FillConsoleOutputAttribute
EnumSystemLocalesA
WriteProfileSectionA
CallNamedPipeA
SetNamedPipeHandleState
VirtualFreeEx
FileTimeToLocalFileTime
WaitCommEvent
GenerateConsoleCtrlEvent
FreeEnvironmentStringsA
ResetWriteWatch
ReadFileScatter
SetCommMask
GetNamedPipeHandleStateA
SetTapePosition
SetTapeParameters
ResumeThread
GetCurrentThreadId
WriteConsoleOutputCharacterA
GetSystemInfo
SetCommTimeouts
TransmitCommChar
CreateEventA
lstrcpyn
GetFileTime
ReadFile
FindResourceA
ContinueDebugEvent
WriteFileGather
FindResourceExA
CreateMutexA
SetEndOfFile
GetProfileIntA
ConvertDefaultLocale
GetModuleFileNameA
RaiseException
ReadConsoleA
GetCurrentProcess
SetLocaleInfoA
VirtualQuery
GetPriorityClass
FlushConsoleInputBuffer
LocalSize
GlobalAddAtomA
_lwrite
GetNumberOfConsoleInputEvents

shlwapi

StrCSpnA
StrCmpNIA
PathRemoveFileSpecA
PathFileExistsA
StrPBrkA
StrSpnA
PathIsFileSpecA
SHRegCloseUSKey
PathIsSameRootA
SHRegQueryInfoUSKeyA
PathGetArgsA
HashData
SHCreateShellPalette
StrIsIntlEqualA
PathMakePrettyA
PathFindOnPathA
SHRegEnumUSValueA
AssocQueryStringA
UrlHashA
SHCreateStreamWrapper
SHGetValueA
StrChrIA
SHSkipJunction
PathRemoveBlanksA
PathFindFileNameA
PathIsRelativeA
PathIsUNCServerShareA
PathUnmakeSystemFolderA
StrFormatKBSizeA
PathSearchAndQualifyA
SHAutoComplete
UrlIsOpaqueA
PathCanonicalizeA
SHRegDeleteEmptyUSKeyA
StrRetToBufA
PathStripToRootA
SHDeleteOrphanKeyA
StrStrIA

Sections

.slgp
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jmn
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rerut
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pspst
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93914b3e1b40a371cf593c9fd72ce075

Headers

File Characteristics

Imports

kernel32

shlwapi

Sections

.slgp Size: 22KB - Virtual size: 45KB

.jmn Size: 5KB - Virtual size: 10KB

.rerut Size: 1024B - Virtual size: 1KB

.pspst Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.slgp
Size: 22KB - Virtual size: 45KB

.jmn
Size: 5KB - Virtual size: 10KB

.rerut
Size: 1024B - Virtual size: 1KB

.pspst
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB