b012adc33fc0bfddbfd46f136d710e3a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b012adc33fc0bfddbfd46f136d710e3a_JaffaCakes118
Size

59KB
MD5

b012adc33fc0bfddbfd46f136d710e3a
SHA1

546b8398096d8d0094762db9be22de61f77b5bc2
SHA256

6de5c709490e9e044e09fe4c0b86f492537750606ab7098d4305f5bc2a9534ab
SHA512

64ad0b2c37d46eb0043b477ae3b40f852f70dc7d47f44006508e61f9a88e0b4a4f86d1c9d8965773757e81b038d49c03651048e846141d5d862ed6bdf58c0ed3
SSDEEP

1536:xQUDqCnHlc8K1XtHWflrZ5l6sMqdu2hn:esqCnFw19H8R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b012adc33fc0bfddbfd46f136d710e3a_JaffaCakes118

Files

b012adc33fc0bfddbfd46f136d710e3a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8e11d74f7aac42c29696c9fea589736

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalCompact
GetCommState
MulDiv
GetThreadLocale
LocalAlloc
BuildCommDCBA
GetThreadTimes
DefineDosDeviceA
LoadLibraryExA
GetPriorityClass
FatalAppExitA
CreateProcessA
TlsAlloc
InterlockedCompareExchange
Heap32First
GetCurrentThreadId
EndUpdateResourceA
SetConsoleCursorPosition
GetUserDefaultLangID
ReleaseSemaphore
SignalObjectAndWait
ExitThread
SetEnvironmentVariableA
CommConfigDialogA
BackupWrite
ReadFileEx
_lread
GetDiskFreeSpaceExA
GetTimeZoneInformation
WritePrivateProfileStructA
IsSystemResumeAutomatic
SetCalendarInfoA
SetThreadExecutionState
QueueUserAPC
Module32Next
FindResourceExA
SetComputerNameA
WriteConsoleA
SetCommTimeouts
DisconnectNamedPipe
Sleep
ConnectNamedPipe
TransactNamedPipe
WriteProfileStringA
GlobalUnfix
GetModuleFileNameA
GetSystemTimeAdjustment
GetUserDefaultLCID
CancelWaitableTimer
WaitCommEvent
GetCompressedFileSizeA
GlobalUnlock
GetAtomNameA
UTRegister

shlwapi

PathCompactPathExA
PathUnmakeSystemFolderA
SHCreateShellPalette
PathRemoveFileSpecA
UrlApplySchemeA
ChrCmpIA
UrlCombineA
AssocCreate
PathCommonPrefixA
SHRegDeleteEmptyUSKeyA
StrCmpNIA
SHAutoComplete
PathFindOnPathA
ColorHLSToRGB
SHRegEnumUSValueA
PathGetDriveNumberA
PathAddBackslashA
SHSkipJunction
DllGetVersion
SHRegSetUSValueA
PathMatchSpecA
PathMakePrettyA
PathCanonicalizeA
PathSkipRootA
PathStripToRootA
PathIsUNCA
PathGetArgsA
SHQueryInfoKeyA
PathIsDirectoryA
PathIsFileSpecA
StrSpnA
PathAppendA
SHRegCloseUSKey
PathSearchAndQualifyA
AssocQueryStringA
PathRemoveArgsA

advapi32

ConvertAccessToSecurityDescriptorA

Sections

.lwdol
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.atcr
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vsvkt
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xkf
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8e11d74f7aac42c29696c9fea589736

Headers

File Characteristics

Imports

kernel32

shlwapi

advapi32

Sections

.lwdol Size: 22KB - Virtual size: 45KB

.atcr Size: 5KB - Virtual size: 10KB

.vsvkt Size: 1024B - Virtual size: 1KB

.xkf Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.lwdol
Size: 22KB - Virtual size: 45KB

.atcr
Size: 5KB - Virtual size: 10KB

.vsvkt
Size: 1024B - Virtual size: 1KB

.xkf
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB