b0f3600e5fe8b162635d481d20d0b52d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b0f3600e5fe8b162635d481d20d0b52d_JaffaCakes118
Size

17KB
MD5

b0f3600e5fe8b162635d481d20d0b52d
SHA1

6fddba7746ac5f671e62c19e0bd80c9972eac27d
SHA256

49bbb3fa968472a4bcdbd7236cd11d2cf5f8f45d3b018709978b65ecef0344d1
SHA512

413c6845600489eed531271d459c9990540ee4358d6cf9282708bef933f987cf956c17f7f300fcd1b88b13972052d61c64e97cdd758ea8fac18aa253216eaa4e
SSDEEP

192:XQy21xuSgllhXWvuIiO6Sg44JxONuxLSd1e953+:g9uSgbAv1cSgpxWd1e/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0f3600e5fe8b162635d481d20d0b52d_JaffaCakes118

Files

b0f3600e5fe8b162635d481d20d0b52d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a540ea51df10744280d16c7f9bb89225

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
HeapAlloc
CreateEventW
GetFileAttributesA
GetExitCodeProcess
OpenEventA
GetDriveTypeA
GetShortPathNameW
CloseHandle
GetProcessHeap
FindClose
SetFileTime
GetThreadTimes
EnterCriticalSection
FormatMessageA
WaitForMultipleObjects
CreateThread
DeleteFileA
Sleep
EnumSystemCodePagesW
IsValidLanguageGroup
SetEnvironmentVariableA
GetEnvironmentVariableA
QueryDosDeviceA
GetSystemTimeAsFileTime
MoveFileA
FlushFileBuffers
GetNumberFormatA
SystemTimeToFileTime
SetLastError
WriteFile
GetFileSize
CreateFileA
VirtualQuery
FindNextFileA
SwitchToThread
CopyFileA
FindFirstFileA
GetSystemTime
GetDiskFreeSpaceA
GetTickCount
GetProcAddress
GetCommandLineA
DeleteCriticalSection
SetFileAttributesA
ReadFile
GetModuleFileNameA
SetFileAttributesA
GetCurrentThreadId
SetUnhandledExceptionFilter
GetSystemDirectoryA
SetEvent
LocalFileTimeToFileTime
ReleaseActCtx
DeviceIoControl
HeapFree
LeaveCriticalSection
CopyFileExW
TerminateProcess
DosDateTimeToFileTime
GetCurrentProcessId
SetErrorMode
SetVolumeLabelA
SetFilePointer
MoveFileExA
GetPrivateProfileIntW
QueryPerformanceCounter
SetEndOfFile
GlobalFlags
CreateProcessA
GetCurrentDirectoryA
GetVersionExA

user32

MessageBoxA
ShowWindow
GetKeyNameTextA
ChangeDisplaySettingsA

ole32

CoInitialize
CoUninitialize
CoCreateInstance
OleInitialize

comdlg32

GetOpenFileNameA
GetSaveFileNameW
GetOpenFileNameW
GetSaveFileNameA
PrintDlgA

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.htux
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 129KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a540ea51df10744280d16c7f9bb89225

Headers

File Characteristics

Imports

kernel32

user32

ole32

comdlg32

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 125KB

.htux Size: 3KB - Virtual size: 3KB

.edata Size: 129KB - Virtual size: 251KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 125KB

.htux
Size: 3KB - Virtual size: 3KB

.edata
Size: 129KB - Virtual size: 251KB