dadff48afdb2b1bd17e18e6b8eaad3f1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dadff48afdb2b1bd17e18e6b8eaad3f1_JaffaCakes118
Size

858KB
MD5

dadff48afdb2b1bd17e18e6b8eaad3f1
SHA1

cb06a9a5c5f87b753af36ac0a849fe12bfffe6ce
SHA256

56ab927d4a8bd53cf62c1fd5990498c9289c31b25487be10d58e8256cfaf3156
SHA512

52e84befcbdb86eb3410dbae1ed2504b5729b7fc0aff5bf41e4ee96c4de72c0b6125fcfce8c10b5e03c2cd6178f98b247308fc0fdd772dbfaafc41ad3b6a0fda
SSDEEP

12288:UwWxDq788RwlIdGH2xW1EKIUTx5eiDDBYpO9oTa/1IeLQW7k/8Xtlx+ItOx:Uwx78/my20OCC+BYpOsaKeG/8Xtlr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dadff48afdb2b1bd17e18e6b8eaad3f1_JaffaCakes118

Files

dadff48afdb2b1bd17e18e6b8eaad3f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

00fe8b95a75b27ac24283530d7429644

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadHugeReadPtr
DisconnectNamedPipe
SetConsoleCtrlHandler
WritePrivateProfileStringA
GetConsoleTitleA
FlushConsoleInputBuffer
FlushInstructionCache
CancelIo
MulDiv
EnumDateFormatsA
GetLongPathNameA
SwitchToFiber
GetLocalTime
AddAtomA
ReadConsoleOutputA
UTRegister
ReadConsoleA
Beep
Heap32First
WriteConsoleOutputAttribute
WriteFileGather
GlobalLock
GetProcessShutdownParameters
GetSystemTimeAdjustment
CreateNamedPipeA
WaitCommEvent
SetVolumeLabelA
EraseTape
RequestDeviceWakeup
GetDiskFreeSpaceA
GetFileTime
ResumeThread
VirtualProtectEx
GetProfileIntA
VirtualFree
GetComputerNameA
_hread
GetNumberFormatA
TransactNamedPipe
LocalLock
LoadModule
FoldStringA
SetConsoleOutputCP
BuildCommDCBA
SetCommTimeouts
GlobalUnlock
SetFilePointer
GetSystemDirectoryA
ExpandEnvironmentStringsA
SystemTimeToTzSpecificLocalTime
WinExec
GetTickCount
GetProcessVersion
GetOverlappedResult
HeapUnlock
VirtualQueryEx
GetCurrentProcessId
CopyFileA
CompareStringA
GetConsoleOutputCP

shlwapi

PathIsUNCA
ColorHLSToRGB
SHRegCreateUSKeyA
SHRegWriteUSValueA
StrRChrIA
UrlIsOpaqueA
SHAutoComplete
PathFindOnPathA
SHRegEnumUSKeyA
StrFormatByteSize64A
PathRemoveBlanksA
UrlGetLocationA
StrCSpnA
SHRegOpenUSKeyA
UrlCombineA
PathQuoteSpacesA
PathIsRelativeA
StrChrIA
SHCreateStreamWrapper
AssocQueryStringA
PathAppendA
PathCommonPrefixA
PathMakePrettyA
PathFileExistsA
SHDeleteValueA
HashData
StrSpnA
PathIsFileSpecA
PathGetDriveNumberA
StrIsIntlEqualA

Sections

.lapu
Size: 635KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gnov
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xol
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.evkli
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.unk
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lylmp
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.atmle
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.olcx
Size: 48KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dexa
Size: 124KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00fe8b95a75b27ac24283530d7429644

Headers

File Characteristics

Imports

kernel32

shlwapi

Sections

.lapu Size: 635KB - Virtual size: 1.3MB

.gnov Size: 5KB - Virtual size: 5KB

.xol Size: 19KB - Virtual size: 27KB

.evkli Size: 512B - Virtual size: 20KB

.unk Size: 6KB - Virtual size: 15KB

.lylmp Size: 512B - Virtual size: 56B

.atmle Size: 512B - Virtual size: 24B

.olcx Size: 48KB - Virtual size: 76KB

.dexa Size: 124KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.lapu
Size: 635KB - Virtual size: 1.3MB

.gnov
Size: 5KB - Virtual size: 5KB

.xol
Size: 19KB - Virtual size: 27KB

.evkli
Size: 512B - Virtual size: 20KB

.unk
Size: 6KB - Virtual size: 15KB

.lylmp
Size: 512B - Virtual size: 56B

.atmle
Size: 512B - Virtual size: 24B

.olcx
Size: 48KB - Virtual size: 76KB

.dexa
Size: 124KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB