a45443a14ed4406d9757eb7c7725b59c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a45443a14ed4406d9757eb7c7725b59c_JaffaCakes118
Size

126KB
MD5

a45443a14ed4406d9757eb7c7725b59c
SHA1

5a3af6ffd9295c1696a0fec1266142e8e27a9019
SHA256

7f6e122354646c383027f84f33226b3c82cca9f80fc5870ecfc40862aae55b64
SHA512

f8d5b2b0fca9adaed6bd914f673e199e4448905393fcf9497ab5fa53db8fcec06e1d28248c848bd5c5344208c207a5d3af165f417345bce6c8adf1f8006daab9
SSDEEP

3072:vWTL1w/a4aOre+H/SDkU2KLgeB6v7XWSwfh:ve6/a4xy+KDrgzXWDh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a45443a14ed4406d9757eb7c7725b59c_JaffaCakes118

Files

a45443a14ed4406d9757eb7c7725b59c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e6abd899d832e7af6ebcac4e2a2304b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconA

oleaut32

RegisterActiveObject
GetActiveObject
DllUnregisterServer

ole32

CoUninitialize
CoCreateInstance
CreateItemMoniker
GetRunningObjectTable
CoInitialize
CoTaskMemFree

kernel32

GetVersion
FormatMessageA
GlobalFix
lstrcmpiW
GetTickCount
GetProcAddress
DeleteFileW
FindFirstFileW
FindClose
TerminateProcess
HeapReAlloc
SetCurrentDirectoryW
ExpandEnvironmentStringsW
ReleaseMutex
CloseHandle
SetLastError
SetCommMask
SetUnhandledExceptionFilter
LoadLibraryW
QueryPerformanceCounter
GetSystemDirectoryW
WriteFile
GetExitCodeProcess
lstrcmpW
CreateDirectoryW
QueryDosDeviceW
GetFullPathNameW
FormatMessageW
VirtualQuery
LoadLibraryA
GetPrivateProfileIntW
GetPrivateProfileStringW
GetTimeFormatW
GetDriveTypeW
FindNextFileW
GetPrivateProfileSectionW
CreateProcessW
GetStartupInfoA
InterlockedExchange
GetCommandLineW
IsValidLocale
GetModuleFileNameW
GetSystemTimeAsFileTime
InterlockedIncrement
GetModuleHandleA
UnhandledExceptionFilter
Sleep
GetCurrentProcess
GetVersionExA
GlobalAlloc
FreeLibrary
ReadFile
GetLastError
HeapAlloc
SetFilePointer
OpenMutexW
GetWindowsDirectoryW
OpenEventW
CreateFileW
CreateMutexW
GetDateFormatW
GetProcessHeap
InterlockedDecrement
GetCurrentDirectoryW
GlobalFree
DeviceIoControl
RaiseException
GetProcessHeap
GetDiskFreeSpaceExW
LocalReAlloc
GetTempPathW
MultiByteToWideChar
GetCurrentThreadId
GetLogicalDriveStringsW
HeapFree
GetFileAttributesW
GetCurrentProcessId
GetVolumeInformationW
CopyFileW
HeapSize
lstrlenW
LocalAlloc
LocalFree
lstrlenA
WideCharToMultiByte
WaitForSingleObject

advapi32

SetSecurityDescriptorDacl
RegisterEventSourceA
RegisterServiceCtrlHandlerA
InitializeSecurityDescriptor
DeregisterEventSource

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zxmxqf
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 107KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6abd899d832e7af6ebcac4e2a2304b5

Headers

File Characteristics

Imports

shell32

oleaut32

ole32

kernel32

advapi32

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 7KB - Virtual size: 9KB

.zxmxqf Size: 3KB - Virtual size: 3KB

.edata Size: 107KB - Virtual size: 127KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 7KB - Virtual size: 9KB

.zxmxqf
Size: 3KB - Virtual size: 3KB

.edata
Size: 107KB - Virtual size: 127KB