c7a1656340dd2b8ac9e3f1bb2fb96ef2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c7a1656340dd2b8ac9e3f1bb2fb96ef2_JaffaCakes118
Size

156KB
MD5

c7a1656340dd2b8ac9e3f1bb2fb96ef2
SHA1

45c8ec55284061bf9319c0b284244c7dd802ad18
SHA256

0016b18c25023c3975c266759305e9c3361b8522741dea0475d3960d2ff9c712
SHA512

663546a6ade21a3ddbd4d4356b746bf9b6a3e83b18c15f294acc6482801b0fe8e903abd5430af704244fd42e82bf9fc3ba11109e0ed0b31d69ea18cf0265eabb
SSDEEP

3072:B6JV1ZyS/cMAiq5YJw6GsEw9u+zxT2na1A:Bm7ySdW5YJw6HucxT2na6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7a1656340dd2b8ac9e3f1bb2fb96ef2_JaffaCakes118

Files

c7a1656340dd2b8ac9e3f1bb2fb96ef2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

096db46bf80d8cf0d11f7059730c8541

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileW
DeleteFileW
CreateFileW
CloseHandle
WriteFile
SetFilePointer
ReadFile
GetFileSize
GetLastError
GetWindowsDirectoryW
GetCommandLineW
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
SetStdHandle
GetStringTypeW
GetStringTypeA
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
CreateThread
GetCurrentDirectoryW
SetCurrentDirectoryW
LoadLibraryA
GetEnvironmentVariableA
WaitForSingleObject
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
FlushFileBuffers
TerminateProcess
ExitProcess
GetModuleFileNameA
LCMapStringW
GetVersionExA
LCMapStringA
GetCurrentProcess
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
MultiByteToWideChar
GetModuleHandleA
HeapFree
HeapAlloc
GetVersion
GetStartupInfoA
GetCommandLineA
WideCharToMultiByte

user32

GetDlgItem
DestroyWindow
TranslateMessage
IsDialogMessageW
MessageBoxW
PostMessageW
GetMessageW
DispatchMessageW
SetWindowTextA
CreateDialogParamW
ShowWindow

advapi32

RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey

shell32

ShellExecuteExW
CommandLineToArgvW

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize
CoTaskMemFree

setupapi

SetupDiGetClassDevsW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
SetupCopyOEMInfW
SetupDiEnumDeviceInfo

shlwapi

SHDeleteKeyW
StrRStrIA
SHGetValueW
StrStrIA

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

096db46bf80d8cf0d11f7059730c8541

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

setupapi

shlwapi

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 36KB

.rsrc Size: 100KB - Virtual size: 99KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 36KB

.rsrc
Size: 100KB - Virtual size: 99KB