ad16f818470d09beb9757b873d3feb27_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ad16f818470d09beb9757b873d3feb27_JaffaCakes118
Size

231KB
MD5

ad16f818470d09beb9757b873d3feb27
SHA1

b4064cfaca5af6154db698891a9ae78b0508676b
SHA256

f278cb2e5c34a75a2f5e57ffb4c8a9a52bc8abad537a61f481730be0c0b13d40
SHA512

4196d76256b3d7dc6487642cb3bee86eab5eb932731ed8b4a369323c8acfd5e89813186833977959968b6f4d7850ea2a8b5f9605fef2f59924be46c65e418acc
SSDEEP

6144:OJ/C9sN1uvP17CRHQqUK/L2B+i2L9o41jW5/wFb5ya2v7:YCKCvN7fqU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad16f818470d09beb9757b873d3feb27_JaffaCakes118

Files

ad16f818470d09beb9757b873d3feb27_JaffaCakes118
.exe windows:5 windows x64 arch:x64

a5d59c087f5c11bcb4536d2e856cc3e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

setupapi

SetupDiDestroyDeviceInfoList
SetupCopyOEMInfW
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceRegistryPropertyW

kernel32

FlsSetValue
GetProcessHeap
SetEndOfFile
HeapReAlloc
GetTickCount
GetModuleFileNameW
WideCharToMultiByte
lstrlenW
GetLastError
GetPrivateProfileStringW
WritePrivateProfileStringW
DeleteFileW
FindClose
FindNextFileW
FindFirstFileW
GetWindowsDirectoryW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
SetStdHandle
HeapSize
GetLocaleInfoA
GetStringTypeW
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RaiseException
RtlPcToFileHeader
RtlUnwindEx
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
WriteFile
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LoadLibraryA
InitializeCriticalSectionAndSpinCount
HeapFree
HeapAlloc
CloseHandle
ReadFile
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA

user32

wsprintfW

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize
CoTaskMemFree

shlwapi

PathRemoveFileSpecW
PathRenameExtensionW
SHGetValueW
PathCombineW
PathAppendW
PathFileExistsW

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5d59c087f5c11bcb4536d2e856cc3e5

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

user32

ole32

shlwapi

Sections

.text Size: 75KB - Virtual size: 75KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 6KB - Virtual size: 14KB

.pdata Size: 5KB - Virtual size: 4KB

�� Size: 1KB - Virtual size: 1KB

.text
Size: 75KB - Virtual size: 75KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 6KB - Virtual size: 14KB

.pdata
Size: 5KB - Virtual size: 4KB

��
Size: 1KB - Virtual size: 1KB