d0e814a33d7b915b6dfd80c1586a2606_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d0e814a33d7b915b6dfd80c1586a2606_JaffaCakes118
Size

59KB
MD5

d0e814a33d7b915b6dfd80c1586a2606
SHA1

ec004440c13106c22e82ad4ce7cb3f858d6d1553
SHA256

ee94346a5c570b247614859710b6514e814804e625d0297f84b0756f0e2ae8d7
SHA512

a72d41f86628196ec3c19d381f0650e9d855c6295525e95a17c0c498651cbbcee8be5ae1e7ce051a16f922eb94d000c5c5916057b75ef9b5a7affe79c181bdc0
SSDEEP

768:btHcMkwWaJINpR8w68cmr7fR9Qhc0h40lsf1Dao/p5KUHKZvlJG0gwvdXh0VI3lU:bunjWwHRihc0hVyf11QUHzw70VIlY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0e814a33d7b915b6dfd80c1586a2606_JaffaCakes118

Files

d0e814a33d7b915b6dfd80c1586a2606_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2e9311899ae33eea7580e0ad92ab050

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceTypesA
CreateMailslotA
OpenProcess
GetNumberOfConsoleMouseButtons
DeleteFileA
CopyFileA
GetDriveTypeA
GetPrivateProfileIntA
HeapCompact
GetCommState
GetCommModemStatus
FlushConsoleInputBuffer
WriteConsoleInputA
FreeLibrary
CancelIo
GetStdHandle
DisconnectNamedPipe
GetProfileStringA
WaitForSingleObject
SetSystemTime
GetTickCount
GetBinaryTypeA
TlsFree
GetProcessVersion
FreeConsole
CreateConsoleScreenBuffer
RequestDeviceWakeup
OutputDebugStringA
LocalLock
IsBadReadPtr
FindFirstFileA
GetProcessHeaps
AreFileApisANSI
SystemTimeToTzSpecificLocalTime
GetDiskFreeSpaceA
DebugActiveProcess
Heap32ListNext
Beep
SleepEx
SetConsoleCursorPosition
Process32Next
IsBadWritePtr
LoadLibraryA
MapViewOfFile
CallNamedPipeA
GetLocalTime
GetConsoleCursorInfo
GetProfileIntA
GetConsoleTitleA
GlobalFindAtomA
CreateDirectoryExA
LocalFileTimeToFileTime
PrepareTape
CreateNamedPipeA
PurgeComm
ReleaseSemaphore
WritePrivateProfileStringA
GetModuleFileNameA

shlwapi

StrRChrIA
ColorHLSToRGB
SHAutoComplete
SHRegWriteUSValueA
PathIsFileSpecA
PathIsRelativeA
StrToIntExA
UrlIsOpaqueA
HashData
PathIsUNCA
StrChrIA
SHRegOpenUSKeyA
PathFileExistsA
StrFormatByteSize64A
PathGetDriveNumberA
StrCSpnA
SHRegEnumUSKeyA
PathStripToRootA
AssocQueryStringA
SHCreateStreamWrapper
PathCommonPrefixA
UrlGetLocationA
StrSpnA
SHRegCreateUSKeyA
SHIsLowMemoryMachine
PathAppendA
PathFindOnPathA
PathSearchAndQualifyA
StrIsIntlEqualA
SHDeleteValueA
PathMakePrettyA
UrlCombineA

advapi32

RegSaveKeyA

Sections

.yfq
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dolcj
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mpup
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zqd
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2e9311899ae33eea7580e0ad92ab050

Headers

File Characteristics

Imports

kernel32

shlwapi

advapi32

Sections

.yfq Size: 22KB - Virtual size: 45KB

.dolcj Size: 5KB - Virtual size: 10KB

.mpup Size: 1024B - Virtual size: 1KB

.zqd Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.yfq
Size: 22KB - Virtual size: 45KB

.dolcj
Size: 5KB - Virtual size: 10KB

.mpup
Size: 1024B - Virtual size: 1KB

.zqd
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB