93f946839b7901f6ad87dcf9c9df232c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

93f946839b7901f6ad87dcf9c9df232c_JaffaCakes118
Size

59KB
MD5

93f946839b7901f6ad87dcf9c9df232c
SHA1

fdcf869e724a0020c3c7e77c6054ac8ea372f27f
SHA256

91a52a98fdac8bf663f9c14d9554961a63b4e3c49db9336b90f4b41a1fa23390
SHA512

f86c95661997d4646d3df3b528762c5e7d8725a7fd9c2f441a7e057be7559ffce396a72652c73f31eb2c54a80d8218a04a1c0f68d56798f210c2d9638c7a5007
SSDEEP

1536:hMvO9pEucM0ntS5Wiq6vsUEk4UoAfoq//T:V9p1ISWiq6kUEk4UoAfoqXT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93f946839b7901f6ad87dcf9c9df232c_JaffaCakes118

Files

93f946839b7901f6ad87dcf9c9df232c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9388a69d3b09c04dceff31cceedda2ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetBinaryType
ClearCommBreak
SetFileAttributesA
ConvertDefaultLocale
LocalFree
CompareFileTime
GetThreadPriority
FileTimeToSystemTime
Heap32ListFirst
HeapUnlock
GlobalUnWire
GetProcessVersion
SetErrorMode
GetConsoleCP
GetThreadSelectorEntry
CopyFileA
ScrollConsoleScreenBufferA
TransactNamedPipe
SystemTimeToFileTime
BackupWrite
OpenWaitableTimerA
IsBadReadPtr
QueryPerformanceFrequency
GetNamedPipeInfo
GetPriorityClass
LocalAlloc
RemoveDirectoryA
GetTickCount
SetThreadContext
ExitThread
InitializeCriticalSection
SetThreadExecutionState
FoldStringA
Sleep
LocalLock
GetPrivateProfileIntA
CreateFileMappingA
Toolhelp32ReadProcessMemory
SetUnhandledExceptionFilter
CreateEventA
GetExitCodeThread
GetProcessHeap
GlobalFlags
ContinueDebugEvent
CreateRemoteThread
WaitForDebugEvent
GetProfileSectionA
CreateSemaphoreA
GetProfileIntA
LocalFlags
GetNamedPipeHandleStateA
SetConsoleMode
GetConsoleCursorInfo

shlwapi

SHEnumKeyExA
PathSearchAndQualifyA
HashData
PathMakePrettyA
StrCSpnA
SHDeleteOrphanKeyA
PathCanonicalizeA
PathIsFileSpecA
StrFormatKBSizeA
SHRegEnumUSValueA
SHCreateShellPalette
PathIsSameRootA
PathFileExistsA
SHRegCloseUSKey
AssocCreate
DllGetVersion
StrCatBuffA
PathIsDirectoryA
AssocQueryStringA
PathRemoveBlanksA
StrRetToBufA
PathStripToRootA
SHDeleteEmptyKeyA
PathQuoteSpacesA
PathAddBackslashA
SHSetThreadRef
PathUnmakeSystemFolderA
ColorHLSToRGB
UrlGetLocationA
PathFindFileNameA
SHQueryInfoKeyA
UrlHashA
SHRegDeleteEmptyUSKeyA
PathRemoveArgsA
PathMatchSpecA
PathIsNetworkPathA
PathSkipRootA

Sections

.nwryl
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sfuxgh
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zifoz
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pyf
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9388a69d3b09c04dceff31cceedda2ed

Headers

File Characteristics

Imports

kernel32

shlwapi

Sections

.nwryl Size: 22KB - Virtual size: 45KB

.sfuxgh Size: 5KB - Virtual size: 10KB

.zifoz Size: 1024B - Virtual size: 1KB

.pyf Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.nwryl
Size: 22KB - Virtual size: 45KB

.sfuxgh
Size: 5KB - Virtual size: 10KB

.zifoz
Size: 1024B - Virtual size: 1KB

.pyf
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB