cf0876ab2aed3501795e470489fe5025_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cf0876ab2aed3501795e470489fe5025_JaffaCakes118
Size

59KB
MD5

cf0876ab2aed3501795e470489fe5025
SHA1

c347439a58722b109b0cf483da3ca881d48c836e
SHA256

e2a228e8ddbfaf30e176fb0e2d3240fe81f9c086e433bb942684d869e21ce786
SHA512

80c4e1a66e55f9ef5acbf01e9bea96a007d506b98a9bd0b3c6587a23c72fdd1ff4c767aa87b64339b7991ddaa5a39179e2f9a393c6c6be23cea06ac8e62594ba
SSDEEP

1536:NGOUyF5z6+tb1vTKtFCcZbXDsBayGkMmVjXLINgm0/favD6D3:BUyv/tb1vOIcZnyjRRENb0/SvD6D3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf0876ab2aed3501795e470489fe5025_JaffaCakes118

Files

cf0876ab2aed3501795e470489fe5025_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e313fd9010361b27b79db46df173959b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindOnPathA
SHRegWriteUSValueA
SHDeleteValueA
StrSpnA
SHRegOpenUSKeyA
UrlIsOpaqueA
SHRegEnumUSKeyA
StrCSpnA
PathGetDriveNumberA
AssocQueryStringA
PathIsRelativeA
StrToIntExA
UrlCombineA
HashData
SHIsLowMemoryMachine
UrlGetLocationA
StrIsIntlEqualA
PathIsFileSpecA
ColorHLSToRGB
PathRemoveBlanksA
PathCommonPrefixA
StrChrIA
PathFileExistsA
PathMakePrettyA
PathQuoteSpacesA
PathSearchAndQualifyA
StrFormatByteSize64A
PathAppendA
SHAutoComplete
PathIsUNCA
PathStripToRootA
StrRChrIA
SHCreateStreamWrapper

kernel32

EnumCalendarInfoA
WriteFileGather
GetLogicalDriveStringsA
GetFullPathNameA
GetVersionExA
TerminateThread
GetShortPathNameA
FindResourceA
SetEvent
SetConsoleCursorPosition
EnumResourceTypesA
EnumSystemLocalesA
WriteProcessMemory
GetCommConfig
WaitForSingleObject
GetConsoleTitleA
IsDBCSLeadByteEx
CreateThread
GetNumberFormatA
OpenProcess
OutputDebugStringA
BackupSeek
SetSystemTime
InitializeCriticalSection
CloseHandle
WaitCommEvent
ReadConsoleA
lstrcpy
GetProcessHeaps
GetTapeStatus
VirtualAlloc
SetVolumeLabelA
LocalAlloc
CreateConsoleScreenBuffer
EnumResourceLanguagesA
DebugActiveProcess
SetCommMask
AreFileApisANSI
ReleaseSemaphore
SetCommTimeouts
CancelIo
SystemTimeToTzSpecificLocalTime
Beep
Process32Next
GlobalLock
VirtualQueryEx
GetStringTypeExA
SetTimeZoneInformation
InterlockedIncrement
SetConsoleWindowInfo
GetSystemPowerStatus
GetFileAttributesExA
GetSystemTimeAdjustment
GetStdHandle
FileTimeToLocalFileTime
InterlockedExchange
RequestDeviceWakeup

advapi32

RevertToSelf

Sections

.avsfa
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rqb
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mje
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jgfkd
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e313fd9010361b27b79db46df173959b

Headers

File Characteristics

Imports

shlwapi

kernel32

advapi32

Sections

.avsfa Size: 22KB - Virtual size: 45KB

.rqb Size: 5KB - Virtual size: 10KB

.mje Size: 1024B - Virtual size: 1KB

.jgfkd Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.avsfa
Size: 22KB - Virtual size: 45KB

.rqb
Size: 5KB - Virtual size: 10KB

.mje
Size: 1024B - Virtual size: 1KB

.jgfkd
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB