a628b107032dfa16897985979198f0ad_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a628b107032dfa16897985979198f0ad_JaffaCakes118
Size

237KB
MD5

a628b107032dfa16897985979198f0ad
SHA1

d2d97f21aa3e60c87880c4cfeb1f0050a6a8b091
SHA256

96afaf39ecad321661899c92acc91126126d22d5c99c4f22dde0f72cfa1de18e
SHA512

222f5667eb732ae6d6655f84510731b8da74cb14c404f56e45dd7ab94d57c4de0dd28108fc04243713122452ac1b952c9b0a946cd2e6a6588a3545d7d270eeb1
SSDEEP

3072:/+pBWRHO5aXcXs/Tgn3FgL7zq95flVeTRbN7JAjVru5aoquK3pTCTEb+:BRu7XSWmqvEtJA5poquK3pTC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a628b107032dfa16897985979198f0ad_JaffaCakes118

Files

a628b107032dfa16897985979198f0ad_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a15aae601c10bc7090e63fb3edd97d37

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\BuildEngineSpace\Temp\6db506e6-386e-4065-9645-1e2ed9386e40\build\Win32\Release\McAfeeSetup.pdb

Imports

shlwapi

PathFindExtensionA
PathAppendA
StrDupA

wintrust

WinVerifyTrust

kernel32

CreateFileA
GetFileSize
FindFirstFileW
SetFilePointer
lstrlenA
WritePrivateProfileStructA
GetLocaleInfoA
VirtualQuery
FreeLibrary
InterlockedIncrement
MoveFileExW
InterlockedDecrement
CreateDirectoryW
WaitForSingleObject
InterlockedCompareExchange
GetWindowsDirectoryA
WriteFile
InitializeCriticalSection
WideCharToMultiByte
Sleep
GetVersionExW
GetFileAttributesA
GetFileAttributesW
ReadFile
GetACP
MultiByteToWideChar
FindFirstFileA
GetLastError
GetCurrentDirectoryW
GetThreadLocale
GetProcAddress
FindClose
GetPrivateProfileStringA
GetLocalTime
LoadLibraryA
RemoveDirectoryW
GetModuleFileNameA
CreateMutexA
FindNextFileW
DeleteCriticalSection
GetShortPathNameW
GetCurrentThreadId
OutputDebugStringA
ReleaseMutex
GetVersionExA
CloseHandle
DeleteFileW
GetCurrentProcessId
SetFileAttributesW
FindResourceA
lstrcmpA
lstrcpynA
LoadResource
GetTickCount
SizeofResource
LeaveCriticalSection
GetSystemDirectoryA
CreateDirectoryA
GetLongPathNameA
EnterCriticalSection
LockResource
GetTempPathA
LocalFree
lstrcpyA
IsBadReadPtr
SystemTimeToFileTime
lstrlenW
GetShortPathNameA
GetModuleHandleA
WriteConsoleW
FlushFileBuffers
GetPrivateProfileStructA
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
GetConsoleMode
LocalAlloc
InterlockedExchange
RaiseException
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetModuleHandleW
GetSystemInfo
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
RtlUnwind
LCMapStringA
LCMapStringW
GetCPInfo
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapCreate
VirtualFree
HeapReAlloc
ExitProcess
GetStdHandle
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetConsoleCP

oleaut32

SysAllocString
SysAllocStringLen
SysFreeString

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a15aae601c10bc7090e63fb3edd97d37

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shlwapi

wintrust

kernel32

oleaut32

Sections

.text Size: 123KB - Virtual size: 122KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 3.9MB - Virtual size: 3.9MB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 123KB - Virtual size: 122KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 3.9MB - Virtual size: 3.9MB

.reloc
Size: 10KB - Virtual size: 10KB