86144902aeb4ecda8099e6d7743f1c0b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

86144902aeb4ecda8099e6d7743f1c0b_JaffaCakes118
Size

176KB
MD5

86144902aeb4ecda8099e6d7743f1c0b
SHA1

5c97e86654716c379d85877aaca53598cb0e40b5
SHA256

195958a18f467dc7ede1791e22dcf10174a8db63866fc72036b2f9a071d8ba00
SHA512

8e19e4f1097048004109ed580813fe0b5e4ccee69dd75399b6eb457b244a412fe257fabc8aef411ac4a8344a87b7af18138a2d0de2ae682b2b79972af2eaca69
SSDEEP

3072:Z9NqmgFh/jf/SWa5KvdzUN5HrFS2ZQOpHe59oeS9SPoUiiFXRkyx:Z/q1/jr4KamOp+5bDhiiZR1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86144902aeb4ecda8099e6d7743f1c0b_JaffaCakes118

Files

86144902aeb4ecda8099e6d7743f1c0b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b5b880d3b01e2f8d6abc27cf2d90584

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
FormatMessageW
CreateFileA
lstrlenW
GetVersionExA
SetFilePointerEx
CompareStringW
SizeofResource
ReadFile
ReadFileEx
InterlockedCompareExchange
GetFileSizeEx
RaiseException
SetStdHandle
WriteFileEx
GetStringTypeA
SetEndOfFile
InitializeCriticalSection
InterlockedExchangeAdd
HeapReAlloc
LockResource
GetOEMCP
SetErrorMode
GlobalLock
LocalAlloc
GetFileType
WaitForSingleObject
GlobalUnlock
SetEvent
GetEnvironmentStrings
SleepEx
GetLocalTime
SetHandleCount
FindClose
HeapDestroy
TlsGetValue
GetFileAttributesW
TlsSetValue
HeapSize
GetThreadLocale
FreeLibrary
IsDebuggerPresent
FindCloseChangeNotification
WaitForSingleObjectEx
CreateFileW
GlobalAlloc
GetLocaleInfoA
TlsFree
GetModuleFileNameW
LCMapStringA
GetStringTypeW
FreeEnvironmentStringsW
CloseHandle
RegisterWaitForSingleObject
LocalFree
CreateEventA
FlushFileBuffers
GetFileAttributesA
CreateThread
CompareStringA
GetFileSize
HeapCreate
LCMapStringW
GetSystemTime
TryEnterCriticalSection
DeleteFileW
CreateEventW
FormatMessageA
SetFilePointer
InterlockedExchange
FreeEnvironmentStringsA
LoadResource
WaitForMultipleObjectsEx
GetCPInfo
ReleaseMutex
SetEnvironmentVariableA
TlsAlloc
DeleteFileA
ResetEvent
VirtualAlloc
lstrlenA
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
WideCharToMultiByte
GetEnvironmentStringsW
GetStdHandle
DeleteCriticalSection
GetCurrentThreadId
SetLastError
GetLastError
GetCurrentThread
VirtualFree
HeapFree
RtlUnwind
WriteFile
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
GetACP
HeapAlloc
IsBadWritePtr
MultiByteToWideChar

advapi32

RegDeleteKeyA
SetSecurityDescriptorDacl
LookupAccountSidA
RegQueryValueExA
CheckTokenMembership
RegCreateKeyW
OpenThreadToken
RegOpenKeyExA
RegCreateKeyExA
AllocateAndInitializeSid
GetTokenInformation
RegCloseKey
IsValidSid

msi

ord223

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b5b880d3b01e2f8d6abc27cf2d90584

Headers

File Characteristics

Imports

kernel32

advapi32

msi

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 132KB - Virtual size: 230KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 132KB - Virtual size: 230KB

.rsrc
Size: 12KB - Virtual size: 10KB