e0b0adfaf7b8a4148587ef00a3d378c9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e0b0adfaf7b8a4148587ef00a3d378c9_JaffaCakes118
Size

31KB
MD5

e0b0adfaf7b8a4148587ef00a3d378c9
SHA1

f0bdeae6c37d44a7d0d15a0254edc8e88861f8d3
SHA256

b01ac01d4d91a5651b04ff5cc1db1b772713d054ea348ac07d4b45b186bb7a64
SHA512

df92b09b568aa2f272567b3ed09c21b776294dc460847627659960bc5d392a588c8628a5f4cda122823555f33bc4bf123534e0264d0d8f7cd396ab65a1ca2864
SSDEEP

768:yoNvnqcm/8mJnRIubnc8888AnRCdjvdcCRc5gT3L:yoNv9m/8mJyAnbnRCdjvRR0k7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0b0adfaf7b8a4148587ef00a3d378c9_JaffaCakes118

Files

e0b0adfaf7b8a4148587ef00a3d378c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0a5b8a204f15ee86619c4f73020c7bac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

GetLogicalDrives
FormatMessageA
GlobalMemoryStatusEx
ActivateActCtx
LCMapStringA
GetLongPathNameW
SetInformationJobObject
SetConsoleFont
TermsrvAppInstallMode
GetLogicalDriveStringsA
GetTempFileNameW
GetModuleFileNameW
LoadLibraryA
SetFilePointer
GetTempPathA
SetLastError
GetTempPathW
WriteFile
CreateFileA
GetModuleFileNameA
CreateFileMappingA
CloseHandle
GetProcessHeap
CreateProcessW
FreeEnvironmentStringsW
GetStringTypeW
ExitProcess
FlushFileBuffers
ReadFile
CreateDirectoryA
ReleaseSemaphore
GetVersionExA
CreateProcessA
LocalFree
HeapFree
LCMapStringW
GetProcAddress
WaitForSingleObject
MapViewOfFile
GetStartupInfoA
GetCurrentDirectoryW
GetStringTypeA
GetCurrentProcess
HeapReAlloc
InterlockedExchange
GetThreadLocale
FreeLibrary
CreateFileW
GetFileSize
GetCommandLineA
GetModuleHandleA
HeapAlloc

advapi32

RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegEnumValueA
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyA
RegCloseKey
RegDeleteKeyA

shell32

ShellExecuteA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetMalloc
SHFileOperationA
SHGetPathFromIDListA
SHGetFileInfoA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 15KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a5b8a204f15ee86619c4f73020c7bac

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

advapi32

shell32

comctl32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 2KB - Virtual size: 1KB

.itext Size: 15KB - Virtual size: 35KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 2KB - Virtual size: 1KB

.itext
Size: 15KB - Virtual size: 35KB