a6c5402023b9db478ad92d65bef2c6a6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a6c5402023b9db478ad92d65bef2c6a6_JaffaCakes118
Size

1.1MB
MD5

a6c5402023b9db478ad92d65bef2c6a6
SHA1

3e290fd10594a023e074efaf4cab300f329be188
SHA256

53b0238d3c35469dc3b3f291e46d1bd7b260d4c6b29e4ededd84bfe60a8a9abf
SHA512

dd89313a92c3f79fe8da68834521580dd8b5b30f26394b66e56a6d79995491ac2fe4f1efe9df00ce5b25d9cf01b6a3e7089886e4f9671ce0bc7011e6456e0e62
SSDEEP

24576:9CTTyN2ZMSleCT9AHb+WZMaT8kPPBRS6pltYdgrIFJD2X:9Cv1MSleCT90RZMaT8GB3lt03Fh2X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6c5402023b9db478ad92d65bef2c6a6_JaffaCakes118

Files

a6c5402023b9db478ad92d65bef2c6a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7d1639fc6143b1bb560cbb1c804319d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationA
LeaveCriticalSection
lstrcmpiA
EnterCriticalSection
lstrlenA
MoveFileExA
GetModuleFileNameA
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
DeleteFileA
GetVersion
LocalFileTimeToFileTime
SystemTimeToFileTime
GetDriveTypeA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetEndOfFile
SetFilePointer
SetFileTime
GetFullPathNameA
GetConsoleScreenBufferInfo
GetStdHandle
ReadFile
SetConsoleMode
GetConsoleMode
DosDateTimeToFileTime
SetFileAttributesA
GetFileAttributesA
GetFileTime
SetVolumeLabelA
GetExitCodeProcess
SetEnvironmentVariableW
CreateDirectoryA
lstrcpynA
CreateMutexA
InterlockedExchange
WaitForSingleObject
ReleaseMutex
InitializeCriticalSection
GetCurrentProcess
CreateFileA
GetLastError
GetProcessHeap
HeapAlloc
HeapFree
GetLocalTime
CloseHandle
FindFirstFileA
FindClose
SetCurrentDirectoryA
MultiByteToWideChar
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
SetStdHandle
GetFileType
HeapReAlloc
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetACP
GetOEMCP
GetCPInfo
WriteFile
FlushFileBuffers
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSize
VirtualProtect
GetSystemInfo
VirtualQuery
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
CompareStringA
CompareStringW
SetEnvironmentVariableA
LoadLibraryA
RtlUnwind
GetLocaleInfoW
GetCurrentDirectoryA
CreateProcessA

user32

CharToOemA
OemToCharA

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetKernelObjectSecurity
SetKernelObjectSecurity
IsValidSecurityDescriptor
GetSecurityDescriptorControl

shell32

ShellExecuteExA

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7d1639fc6143b1bb560cbb1c804319d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 59KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 59KB

.rsrc
Size: 24KB - Virtual size: 23KB