93b9bad8579029daefff8c9ae44729cb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

93b9bad8579029daefff8c9ae44729cb_JaffaCakes118
Size

75KB
MD5

93b9bad8579029daefff8c9ae44729cb
SHA1

7fe463df78bc58cff656ddbdd23632c94eb9f995
SHA256

aa5338b62dee7adbcc0520690ece400f796e692bb5a27b8bbf30e11e5543afe6
SHA512

551094cf11e1a739149795c3b92602f7c3cdcc7849733fd267c048f0e8cb371fba2a812ddc08d5ce4252baadadee4c6b106601b03f26299dfe90f26d6c4a5100
SSDEEP

1536:BjRsJZjs2R44D9/j5dEON1NN/8JAQ2tnSpc0:tRsnjJpDleARnf0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93b9bad8579029daefff8c9ae44729cb_JaffaCakes118

Files

93b9bad8579029daefff8c9ae44729cb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

edb671fea074b55843e279b9e483f947

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
GetCurrentThreadId
lstrcatW
WriteProfileStringA
SetFilePointerEx
GetLocaleInfoA
GetModuleFileNameW
CreateEventW
VirtualQuery
GetShortPathNameA
VirtualAlloc
SearchPathW
GetSystemDirectoryA
GetNumberFormatA
DuplicateHandle
GetSystemTimeAsFileTime
ResumeThread
HeapCreate
GetSystemTime
SetEvent
GetCurrentProcess
CreateProcessW
FindResourceW
CreateFileMappingW
InterlockedExchange
WaitForSingleObject
GetSystemInfo
GetModuleHandleW
GetStringTypeExA
OpenEventA
LoadResource
GetFileType
GetThreadPriority
GetConsoleMode
GetTempPathA
HeapDestroy
GetProfileIntA
UnmapViewOfFile
GetShortPathNameW
SetErrorMode
ExpandEnvironmentStringsW
CreateTimerQueueTimer
GetLogicalDriveStringsA
CompareStringA
GetLocaleInfoW
CreateMutexW
lstrcmpA
CloseHandle
GetFileSize
ReleaseMutex
GetProcessTimes
LCMapStringA
QueryPerformanceCounter
SetHandleInformation
ReadFile
GetDateFormatW
MapViewOfFile
GetFileTime
OutputDebugStringA
SetEndOfFile
InterlockedCompareExchange
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
SetFileTime

advapi32

LookupPrivilegeValueA
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegQueryInfoKeyA
OpenProcessToken
RegCloseKey
AdjustTokenPrivileges
RegDeleteKeyA

wintrust

HTTPSCertificateTrust
WintrustAddActionID
WintrustGetDefaultForUsage
WinVerifyTrust

user32

LoadStringW

comdlg32

CommDlgExtendedError
GetOpenFileNameA

ole32

CoInitialize
CoInitializeSecurity
CoTaskMemAlloc
StgOpenStorage
CreateOleAdviseHolder
CoInitializeEx
RevokeDragDrop
RegisterDragDrop
StgCreateDocfile
CreateStreamOnHGlobal
DoDragDrop
CoUninitialize
CoCreateInstance
ReleaseStgMedium

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edb671fea074b55843e279b9e483f947

Headers

File Characteristics

Imports

kernel32

advapi32

wintrust

user32

comdlg32

ole32

Sections

.text Size: 15KB - Virtual size: 14KB

.data Size: 9KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 4KB

.rdata Size: 46KB - Virtual size: 79KB

.text
Size: 15KB - Virtual size: 14KB

.data
Size: 9KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 4KB

.rdata
Size: 46KB - Virtual size: 79KB