a71f1cfbcaf59f9dbb40e12576ffa670_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a71f1cfbcaf59f9dbb40e12576ffa670_JaffaCakes118
Size

104KB
MD5

a71f1cfbcaf59f9dbb40e12576ffa670
SHA1

031dcbe7026ebe86cb3cfe69588ef07f9ad8e22a
SHA256

98ff7603c4af9c5f6185763089621977d9141ad8b6ee36737c1a8afbe8d83668
SHA512

621491caefa6ea4e983011b201a9359a7eaf45dcffe4ac8d5c341a1b26398b5a6b84ef24962712219bfbd1c2d302e534ffa934cdd684b21e76dfee0511756ed7
SSDEEP

3072:h+h7ycpxETmjWdJdy2yH3RNQyAwTjMJePDfm:hON8ijWLWHQ8XMizm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a71f1cfbcaf59f9dbb40e12576ffa670_JaffaCakes118

Files

a71f1cfbcaf59f9dbb40e12576ffa670_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e761e6e1058ec5ec8ec9bc037945210b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
InterlockedCompareExchange
SetErrorMode
CreateEventW
GetConsoleMode
GetUserDefaultUILanguage
CloseHandle
WideCharToMultiByte
SetHandleContext
GetVersion
SetEndOfFile
TerminateProcess
FindResourceW
FindFirstFileW
GetLocaleInfoW
GetCurrentProcess
MapViewOfFile
GetFileAttributesW
GetFileType
GetTickCount
CreateFileW
GetModuleHandleW
GetCurrentThreadId
SetEvent
VirtualQuery
QueryPerformanceCounter
GetConsoleOutputCP
UnmapViewOfFile
GetFileTime
HeapCreate
InterlockedExchange
FindClose
CreateProcessW
HeapAlloc
GetCurrentProcessId
CreateMutexW
LoadResource
VirtualQuery
Sleep
WaitForSingleObject
SetFileTime
CreateFileMappingW
MultiByteToWideChar
HeapFree
ExpandEnvironmentStringsW
LoadLibraryExW
SetLastError
GetSystemInfo
SetUnhandledExceptionFilter
HeapValidate
LocalLock
HeapDestroy
GetSystemTimeAsFileTime
ReleaseMutex
DuplicateHandle
IsDebuggerPresent
GetModuleFileNameW
UnhandledExceptionFilter

user32

SetTimer
GetMessageA
wsprintfA
LoadCursorA
MessageBoxA

comdlg32

GetOpenFileNameA
CommDlgExtendedError

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegDeleteKeyA
RegCloseKey
RegCreateKeyA
RegOpenKeyExA

shell32

DragAcceptFiles
SHAppBarMessage
ShellExecuteW
ShellExecuteA
DragQueryFileW
DragQueryFileA

ole32

CoTaskMemFree
CoTaskMemAlloc
CreateItemMoniker
StringFromGUID2
CLSIDFromProgID
CoTaskMemRealloc
CLSIDFromString
CoInitialize
OleUninitialize
GetRunningObjectTable
OleLockRunning
CoUninitialize
CreateStreamOnHGlobal
OleInitialize
CoGetClassObject
CoCreateInstance
CoFreeUnusedLibraries

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.djhysh
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 140KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e761e6e1058ec5ec8ec9bc037945210b

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 6KB - Virtual size: 117KB

.djhysh Size: 3KB - Virtual size: 3KB

.edata Size: 140KB - Virtual size: 255KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 6KB - Virtual size: 117KB

.djhysh
Size: 3KB - Virtual size: 3KB

.edata
Size: 140KB - Virtual size: 255KB