b007f9cb376d7c2d4905f2887d7ce89c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b007f9cb376d7c2d4905f2887d7ce89c_JaffaCakes118
Size

153KB
MD5

b007f9cb376d7c2d4905f2887d7ce89c
SHA1

23c04798f86238cecc9dba416c6a1bb6acc3948a
SHA256

839b2d6961bd1d057b6098a45d8e1c4000ca76ca1929d322c2fc3c263565f7c2
SHA512

d7d560f168d315a467b1138a754dfd193e41e63bbea0ec57b4bbcf1a9f48981fe3c1c5642ac4f328989057512dfcdd451a20b5a36f18ae79348e171a368482bc
SSDEEP

3072:O1Ej1ea3O/Ie3gduSGdf2JTadKJZgQMyxFqAZLy7zsVS0+ej/Nv1abyx6O:19IZ2JQKsQHNLwuiElv13

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b007f9cb376d7c2d4905f2887d7ce89c_JaffaCakes118

Files

b007f9cb376d7c2d4905f2887d7ce89c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ffe8ca271fb577bf95f262adfbe95a26

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

shell32

ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA
SHGetFileInfoA
SHBrowseForFolderA

ole32

OleBuildVersion
CreateDataAdviseHolder
CoLockObjectExternal
CoQueryClientBlanket

advapi32

RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegSetValueExA
RegEnumKeyA
RegDeleteValueA
RegCreateKeyExA
RegQueryValueExA

kernel32

GetVersionExA
FreeEnvironmentStringsW
GetProcAddress
FreeLibrary
GetProcessHeap
ReleaseSemaphore
GetModuleFileNameW
GetLongPathNameW
WaitForSingleObject
GlobalMemoryStatusEx
TermsrvAppInstallMode
FatalExit
CreateDirectoryA
GetCurrentDirectoryW
CreateProcessW
CreateFileMappingA
CreateFileA
RegisterWowExec
GetTempFileNameW
MapViewOfFile
ReadFile
CloseHandle
LCMapStringW
ExitProcess
GetStringTypeA
LocalFree
SetFilePointer
WriteFile
GetStringTypeW
LCMapStringA
HeapFree
GetOEMCP
GetTempPathW
SetLastError
GetTempPathA
GetCommandLineA
FlushFileBuffers
CreateProcessA
GetLogicalDriveStringsA
HeapReAlloc
InterlockedExchange
GetModuleHandleA
GetCurrentProcess
LoadLibraryA
GetFileSize
SetInformationJobObject
GetThreadLocale
GetStartupInfoA
GetModuleFileNameA
ActivateActCtx
HeapAlloc
CreateFileW

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ffe8ca271fb577bf95f262adfbe95a26

Headers

DLL Characteristics

File Characteristics

Imports

version

shell32

ole32

advapi32

kernel32

Sections

.text Size: 9KB - Virtual size: 9KB

.data Size: 8KB - Virtual size: 9KB

.rsrc Size: 2KB - Virtual size: 1KB

.rdata Size: 132KB - Virtual size: 139KB

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 2KB - Virtual size: 1KB

.rdata
Size: 132KB - Virtual size: 139KB