ab75ee83a99762d4e6e18b7a5804a55b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ab75ee83a99762d4e6e18b7a5804a55b_JaffaCakes118
Size

96KB
MD5

ab75ee83a99762d4e6e18b7a5804a55b
SHA1

2b1104263416d1be8d54e82043434d6207154d51
SHA256

704ada26f60bab1c98d6b8a13328d51d3ed7f3b1bd55d61f8a7943ddef2478ab
SHA512

688c97ceb73256ce105c4e334ce46d3216c4d0a604e3495f9356d879da650a50ceb22beffeb2fce7dea141a9c2c90217fa0da09b1a3210287bd43ad29f2657f5
SSDEEP

1536:ZQosUz7N7wfJsxlrf5QfIFlQHZBUo7NRALn2N5j/Rok3jtI2:IUOf6Vf5ZkHZr7Nb5j5ok3jtI2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab75ee83a99762d4e6e18b7a5804a55b_JaffaCakes118

Files

ab75ee83a99762d4e6e18b7a5804a55b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da475b5871730e7520ccd2edbb0735d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

kernel32

InterlockedDecrement
InterlockedIncrement
lstrlenA
MultiByteToWideChar
lstrcpyA
lstrlenW
GetShortPathNameA
GetModuleHandleA
GetModuleFileNameA
lstrcmpiA
GetCurrentThreadId
GetCommandLineA
InitializeCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcatA
WideCharToMultiByte
OutputDebugStringA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapValidate
HeapFree
HeapDestroy
DebugBreak
GetStartupInfoA
WriteFile
GetACP
GetCPInfo
IsBadCodePtr
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
GetFileType
SetHandleCount
CloseHandle
FlushFileBuffers
SetStdHandle
SetFilePointer
LCMapStringW
GetLastError
LocalFree
IsBadWritePtr
IsBadReadPtr
LCMapStringA
RtlUnwind
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetOEMCP
GetStdHandle
GetEnvironmentStrings
GetEnvironmentStringsW
GetVersion
ExitProcess
RaiseException
HeapAlloc
HeapReAlloc
TlsAlloc
HeapCreate
VirtualFree
TerminateProcess
GetCurrentProcess
VirtualAlloc
TlsSetValue
SetLastError
TlsGetValue
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeEnvironmentStringsW

ole32

CoRevokeClassObject
CoRegisterClassObject
CoInitialize
CoTaskMemFree
ProgIDFromCLSID
CoUninitialize
CoCreateInstance

oleaut32

LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
CreateErrorInfo
SetErrorInfo
SysAllocString
SysStringLen
SysAllocStringByteLen
SysFreeString
VariantClear

user32

CharNextA
GetMessageA
DispatchMessageA
PostThreadMessageA
LoadStringA
SetForegroundWindow
PostMessageA
SetWindowLongA

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da475b5871730e7520ccd2edbb0735d8

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

oleaut32

user32

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 8KB - Virtual size: 6KB