Static task: static1
Behavioral task: behavioral1
Sample: aa5d0a30cc811e5098e4513dc329e217_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: aa5d0a30cc811e5098e4513dc329e217_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: aa5d0a30cc811e5098e4513dc329e217_JaffaCakes118
Size: 1.0MB
MD5: aa5d0a30cc811e5098e4513dc329e217
SHA1: 8aadd6f243f80579bc555d5675cea459d9b0a700
SHA256: 86a7434f76a61841802fbcfb5f023e711e0c959436b25a0260bde5059260a065
SHA512: 8c359197d1fad6dcfe733de65f3d51e786b2eb2b2b64ccd43e583b0d28a2be21e62cbfed689cb03f23a8fd99bcc80845f1fab5990eeb85e6459a13af759ea93d
SSDEEP: 24576:u6wbdSqxZlfInTJ/n7YQJEVoM3PLj5zHGIHMTMqZF7q8t:u6wbfxZlfInVYOsosjjF5sgqZFG8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource aa5d0a30cc811e5098e4513dc329e217_JaffaCakes118
Files
aa5d0a30cc811e5098e4513dc329e217_JaffaCakes118.exe windows:1 windows x86 arch:x86
11101cc395a0802105cec39c31bad865
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
OpenFileMappingA
GetProfileStringA
Module32First
CopyFileA
GetTempPathA
HeapCompact
PulseEvent
OpenWaitableTimerA
SignalObjectAndWait
SetHandleCount
SetFileTime
DuplicateHandle
DeleteTimerQueue
FlushViewOfFile
HeapReAlloc
CopyFileExW
SetFilePointer
GetStdHandle
IsBadReadPtr
GetEnvironmentVariableA
GetFullPathNameA
_lwrite
GetNumberFormatA
SetHandleInformation
_lopen
GetMailslotInfo
GetStartupInfoA
SetFileAttributesA
ReadConsoleA
GetProfileIntA
CreateFileMappingA
GetCurrentProcess
GetCommState
ChangeTimerQueueTimer
OpenEventA
GetStdHandle
GetCurrentThreadId
LocalFileTimeToFileTime
lstrlenA
LZOpenFileA
QueryPerformanceCounter
VirtualAlloc
GetFileSize
GetCommandLineA
GetPrivateProfileIntA
GetCommModemStatus
GetThreadContext
RemoveDirectoryA
SetPriorityClass
HeapAlloc
VerifyVersionInfoA
WritePrivateProfileStructA
TermsrvAppInstallMode
GetCurrentDirectoryA
PurgeComm
GetCurrentThread
GetTickCount
CloseConsoleHandle
QueryMemoryResourceNotification
GetPrivateProfileStringA
CreatePipe
LZSeek
GetStringTypeExA
GetModuleHandleA
FindResourceExW
GetExitCodeProcess
GetModuleHandleA
GetSystemTimes
EnumResourceTypesA
ReleaseSemaphore
GetDiskFreeSpaceA
CreateSemaphoreA
IsProcessorFeaturePresent
GetThreadContext
GetEnvironmentStringsA
ConnectNamedPipe
GlobalMemoryStatus
GetFileAttributesA
QueryPerformanceFrequency
OpenMutexA
GetWindowsDirectoryA
AddConsoleAliasA
GetCurrentProcess
IsProcessorFeaturePresent
GetThreadContext
SetFileAttributesA
FindNextVolumeMountPointA
GetThreadPriority
OpenEventA
GetComputerNameA
MulDiv
GetDefaultCommConfigA
SetConsoleMode
SetFileShortNameA
GetCPInfoExA
GetCurrentThreadId
GlobalSize
ExitProcess
LockResource
WriteConsoleOutputCharacterA
LZCopy
SetLastConsoleEventActive
SetEndOfFile
GetPrivateProfileSectionNamesA
GetConsoleTitleA
SetFilePointerEx
FindResourceExA
GetLogicalDriveStringsA
WriteConsoleOutputA
LocalHandle
GetSystemInfo
AddConsoleAliasA
GetProcessTimes
GetCalendarInfoA
GetNumberOfConsoleMouseButtons
CreateSemaphoreA
ExitThread
GetConsoleTitleA
HeapCreate
GetDiskFreeSpaceExA
MoveFileA
CommConfigDialogA
OutputDebugStringA
FindNextVolumeMountPointA
CommConfigDialogA
GetFileSizeEx
ExitProcess
Heap32ListFirst
LZRead
GetCommProperties
SetComputerNameA
ReadConsoleA
GetConsoleAliasExesLengthA
ntdll
RtlGetLastWin32Error
user32
DestroyWindow
advapi32
AddAccessDeniedAceEx
Sections
.text Size: 324KB - Virtual size: 324KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 686KB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ