eb484416896c3c6f5d4da65e5a749a0b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eb484416896c3c6f5d4da65e5a749a0b_JaffaCakes118
Size

2.0MB
MD5

eb484416896c3c6f5d4da65e5a749a0b
SHA1

e9cbd4be7a2a1bba2c3156d20a5e9721890afe93
SHA256

5355740641d7596f409d1b59d9c640d992d49342fc52c9a952de67af15622f1d
SHA512

bb7357ff1c898901d8a33bf0ec8bc0a0d93f14bab22c199286fdd95b7e964f3102b2080e19d4dba3b4079b3bac245bb3f206e6eb83632f2a9deb5085fd5182fc
SSDEEP

24576:BzmaPbrWrhLNkyc4cA0q3s5sRIxk+nHryY1UDAuB/CtCxj3T1m1Iv+:he1NP0rqc5V9LqDN/zj1m15

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb484416896c3c6f5d4da65e5a749a0b_JaffaCakes118

Files

eb484416896c3c6f5d4da65e5a749a0b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

417ee218fb2caa523cf6da96f52e9186

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFile
CopyFileExW
SetLastError
GlobalFree
DeleteFileW
GetConsoleMode
GetFileTime
ExitThread
CopyFileW
CreateThread
ReadConsoleW
CreateDirectoryA
FindAtomA
GetCommandLineA
FindFirstFileA
DeleteFileA
GetCPInfo
Sleep
GetConsoleMode
CopyFileExW
OpenFileMappingA
DeleteFileA
GetCommandLineA
GetComputerNameA
CopyFileW
GetLastError
WriteFile
FindFirstFileA
Sleep
FindAtomA
CreateThread
ReadFile
GetFileTime
ReadConsoleA
GlobalFree
DeleteAtom
OpenFile
GetFileSize

advapi32

RegGetKeySecurity
RegReplaceKeyW
RegLoadKeyW
RegQueryValueExA
RegEnumKeyA
RegReplaceKeyA
RegQueryValueW
RegDeleteValueW
RegOpenKeyExW
RegOpenKeyW
RegLoadKeyA
RegDeleteKeyA
RegEnumKeyW
RegQueryValueA
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyExW
RegEnumValueA
RegOpenKeyA
RegDeleteValueA
RegReplaceKeyW
RegGetKeySecurity
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegReplaceKeyA
RegLoadKeyW
RegQueryInfoKeyA
RegQueryValueA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueW
RegOpenKeyW
RegEnumKeyA
RegQueryValueExA
RegOpenKeyExW
RegEnumKeyExA
RegFlushKey
RegCreateKeyExA
RegGetKeySecurity
RegReplaceKeyA
RegEnumKeyExW
RegQueryValueA
RegQueryValueW
RegOpenKeyA
RegLoadKeyA
RegDeleteKeyA
RegReplaceKeyW
RegCreateKeyExA
RegOpenKeyW
RegOpenKeyExA
RegEnumKeyW
RegLoadKeyW
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyExA
RegQueryValueExA
RegDeleteValueA
RegDeleteValueW
RegQueryValueExW
RegCreateKeyW
RegQueryValueExW
RegDeleteKeyA
RegDeleteValueW
RegDeleteValueA
RegReplaceKeyA
RegOpenKeyExA
RegDeleteKeyW
RegEnumKeyA
RegEnumValueA
RegGetKeySecurity
RegReplaceKeyW
RegQueryInfoKeyA
RegOpenKeyW
RegCreateKeyExW
RegFlushKey
RegQueryValueA
RegDeleteKeyW
RegQueryValueExW
RegQueryValueW
RegDeleteValueA
RegQueryInfoKeyA
RegReplaceKeyA
RegEnumValueW
RegQueryValueExA
RegOpenKeyExA
RegLoadKeyW
RegQueryInfoKeyW
RegOpenKeyExW
RegLoadKeyA
RegEnumKeyExW
RegReplaceKeyW
RegGetKeySecurity
RegFlushKey
RegEnumKeyExA
RegCreateKeyW
RegOpenKeyW
RegEnumValueA

Sections

CODE
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.BwmJhp
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ldata
Size: 4KB - Virtual size: 122B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gRHLns
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ddata
Size: 1.7MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tiKtwc
Size: 4KB - Virtual size: 294B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.YyeNAB
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Pmhmzo
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

417ee218fb2caa523cf6da96f52e9186

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

CODE Size: 264KB - Virtual size: 260KB

.BwmJhp Size: 8KB - Virtual size: 4KB

.ldata Size: 4KB - Virtual size: 122B

.gRHLns Size: 4KB - Virtual size: 1KB

.ddata Size: 1.7MB - Virtual size: 5.5MB

.tiKtwc Size: 4KB - Virtual size: 294B

.YyeNAB Size: 4KB - Virtual size: 2KB

.Pmhmzo Size: 8KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 4KB

CODE
Size: 264KB - Virtual size: 260KB

.BwmJhp
Size: 8KB - Virtual size: 4KB

.ldata
Size: 4KB - Virtual size: 122B

.gRHLns
Size: 4KB - Virtual size: 1KB

.ddata
Size: 1.7MB - Virtual size: 5.5MB

.tiKtwc
Size: 4KB - Virtual size: 294B

.YyeNAB
Size: 4KB - Virtual size: 2KB

.Pmhmzo
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 4KB