ad6e9db91c4f1f778c3675b40eb13705_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ad6e9db91c4f1f778c3675b40eb13705_JaffaCakes118
Size

150KB
MD5

ad6e9db91c4f1f778c3675b40eb13705
SHA1

086670e56dc948bcb6bfc3aec260f3f3d434abb1
SHA256

d1a2ec113f167a53e0e5532f3206f3f95b1e7822fbf856ee743b6c4a671f5ece
SHA512

bd8082270509a9a85600f986f010225b0f435b25deed21e8b5cc1cdbbd74d27ecc6099fce81c0ea47946bd01eee7a9f15b4e0c97e1565cff4231d1565f93d97a
SSDEEP

3072:vtYSoCK73XUUfN9exce+91eYz0xkbyaiuVePjPrpJM2I8+uTpKWH:vSSzKDEA93DT0vPjjzW8ftz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad6e9db91c4f1f778c3675b40eb13705_JaffaCakes118

Files

ad6e9db91c4f1f778c3675b40eb13705_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac5144e9714e37f3af56752ae793e2a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
GetCPInfoExA
GetLastError
GetCommandLineA
GetVolumeInformationA
DeleteFileA
GetShortPathNameA
CreateEventA
CreateThread
GetExitCodeProcess
lstrcpyA
GetThreadSelectorEntry
GlobalUnlock
RemoveDirectoryA
GlobalAlloc
ResetEvent
SetEvent
GetStartupInfoA
lstrcmpiA
CloseHandle
GetWindowsDirectoryA
GetVersionExA
LocalFileTimeToFileTime
SetFileAttributesA
GetSystemDirectoryA
GetCurrentProcessId
lstrcatA
LoadLibraryExA
GetSystemTimeAsFileTime
LoadLibraryA
GetTempPathA
TerminateThread
CreateMutexA
SetCurrentDirectoryA
SizeofResource
GetDriveTypeA
GetCurrentProcess
GetCurrentThreadId
lstrcmpA
GetTempFileNameA
lstrlenA
FindNextFileA
GetTickCount
GetModuleFileNameA
lstrcpynA
CreateFileA
WaitForSingleObject
IsDBCSLeadByte
LoadResource
SetFilePointer
FreeLibrary
GetProcAddress
GetSystemInfo
GlobalFree
GetDiskFreeSpaceA
FreeResource
CreateDirectoryA
GetDriveTypeA
FindFirstFileA
GetCurrentDirectoryA
LocalFree
MulDiv
GlobalLock
LocalAlloc
FindClose
DosDateTimeToFileTime
FindResourceA
CreateProcessA
WriteFile
ReadFile
ExitProcess
SetFileTime
FormatMessageA
GetPrivateProfileIntA
LockResource
GetModuleHandleA
QueryPerformanceCounter
GetFileAttributesA

oleaut32

RegisterActiveObject
DllUnregisterServer
GetActiveObject

shell32

Shell_NotifyIconA

advapi32

RegisterEventSourceA
RegisterServiceCtrlHandlerA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
DeregisterEventSource

ole32

GetRunningObjectTable
CoInitialize
CoUninitialize
CreateItemMoniker
CoCreateInstance
CoTaskMemFree

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text1
Size: 133KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac5144e9714e37f3af56752ae793e2a7

Headers

File Characteristics

Imports

kernel32

oleaut32

shell32

advapi32

ole32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 9KB

.rsrc Size: 2KB - Virtual size: 1KB

.text1 Size: 133KB - Virtual size: 155KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 9KB

.rsrc
Size: 2KB - Virtual size: 1KB

.text1
Size: 133KB - Virtual size: 155KB