9672ca675b68f3fe2d1d86d24c86e87a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9672ca675b68f3fe2d1d86d24c86e87a_JaffaCakes118
Size

224KB
MD5

9672ca675b68f3fe2d1d86d24c86e87a
SHA1

fa899434c0f16c50b51432ba5280b48173ce0e01
SHA256

5d6304aa283adb36f7095ec08b315daf383b8ce590cf4f278b83c05901890dc5
SHA512

76a8f06e19fe3a5ae955200e2af0efc72d97484cddc1e7ad0e22ec63a5584f8193db2a01d0f6fb1ebef556e2a6dbdc85cdb091119f8336315778b003d4763b4c
SSDEEP

3072:gkcgTRqDkenQwQ0n6xXabJrPFV6hk0GGS7Adh40Q2Ww2AjQSad:vTR6U0n6xqb5mhk02WDOAj1a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9672ca675b68f3fe2d1d86d24c86e87a_JaffaCakes118

Files

9672ca675b68f3fe2d1d86d24c86e87a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5c63ac69d46ae01c8261aed21f954e44

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupGetInfFileListW
SetupScanFileQueueW
SetupInstallFileW
SetupInstallFilesFromInfSectionW
SetupOpenAppendInfFileW
SetupOpenFileQueue
SetupGetSourceFileLocationW
SetupGetSourceFileSizeW
SetupCloseFileQueue
SetupCloseInfFile
SetupCommitFileQueueW
SetupDecompressOrCopyFileW
SetupQueryInfFileInformationW
SetupOpenInfFileW

kernel32

GetCurrentProcess
ReadFile
SetEndOfFile
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
VirtualQuery
InterlockedExchange
RtlUnwind
LoadLibraryA
HeapSize
CreateFileA
SetFilePointer
FlushFileBuffers
WriteConsoleW
lstrcmpW
QueryPerformanceCounter
GetWindowsDirectoryW
GetSystemTime
OpenProcess
GetVersionExW
GetModuleHandleW
GetDateFormatW
SizeofResource
LoadResource
CreateEventW
GetVersion
GetVolumeInformationW
GetCommandLineW
GetLocalTime
CreateFileW
FindClose
FindNextFileW
FindFirstFileW
TlsGetValue
TlsAlloc
VerLanguageNameW
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
HeapFree
HeapReAlloc
HeapAlloc
GetStartupInfoW
GetVersionExA
GetLastError
CloseHandle
WriteFile
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
SetStdHandle

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 729KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c63ac69d46ae01c8261aed21f954e44

Headers

File Characteristics

Imports

setupapi

kernel32

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 120KB - Virtual size: 729KB

.idata Size: 4KB - Virtual size: 2KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 120KB - Virtual size: 729KB

.idata
Size: 4KB - Virtual size: 2KB

.reloc
Size: 12KB - Virtual size: 8KB