f060f411ced94a3c93cc8c69a7acb524_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f060f411ced94a3c93cc8c69a7acb524_JaffaCakes118
Size

147KB
MD5

f060f411ced94a3c93cc8c69a7acb524
SHA1

bf6ae0cd7df9f71de645c06747fb0216ab7b46e1
SHA256

c092d7c9d478259f1f13d1000057bb78b721135ffbd05c58343e157e924b05a0
SHA512

5a7286d4cb284c7898b74a05c83eabfda68c8d18420690307649c690d06024f53710a40c40cb79f55b6c19aac216b4f607dab3b08ad6760fbfbd94c1fc7161a0
SSDEEP

3072:td7Ym8IrrW/CzBdJ6vgFobFdzueSsIZGh5LZVdZwjZZf0M0ZPNMeRsYIj:td7YmpyadJ6vgGbWeOgLZRw3lkNpRsHj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f060f411ced94a3c93cc8c69a7acb524_JaffaCakes118

Files

f060f411ced94a3c93cc8c69a7acb524_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d56a2a36c564c5dc1dff17bb70b66168

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconA

oleaut32

DllUnregisterServer
GetActiveObject
RegisterActiveObject

ole32

CreateItemMoniker
CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
GetRunningObjectTable

advapi32

RegisterServiceCtrlHandlerA
DeregisterEventSource
RegisterEventSourceA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

kernel32

RemoveDirectoryA
LocalAlloc
SetFileTime
GetDiskFreeSpaceA
TerminateProcess
lstrcmpA
GetShortPathNameA
SetFilePointer
GetVersionExA
ExitProcess
GetCurrentProcess
GetWindowsDirectoryA
GetTickCount
GlobalUnlock
FindNextFileA
lstrcpynA
DosDateTimeToFileTime
GetLastError
lstrcmpiA
GetFileAttributesA
FormatMessageA
GetModuleHandleA
GetStartupInfoA
LoadResource
TerminateThread
WriteFile
FlushFileBuffers
lstrcatA
FindClose
GetProcAddress
CreateEventA
GlobalFree
CloseHandle
SetConsoleTitleA
GlobalAlloc
CreateFileA
LoadLibraryExA
GetPrivateProfileIntA
ResetEvent
CreateMutexA
GetSystemDirectoryA
LoadLibraryA
GetDriveTypeA
GetTempPathA
GetModuleFileNameA
GetSystemInfo
QueryPerformanceCounter
lstrcpyA
LocalFree
FreeLibrary
FindFirstFileA
DeleteFileA
LocalFileTimeToFileTime
SetEvent
SizeofResource
GetSystemTimeAsFileTime
MulDiv
CreateProcessA
GetExitCodeProcess
SetCurrentDirectoryA
SetFileAttributesA
LockResource
CreateDirectoryA
ReadFile
GetCurrentThreadId
GetCurrentProcessId
CreateThread
GetTempFileNameA
FreeResource
lstrlenA
IsDBCSLeadByte
FindResourceA
GetVolumeInformationA
SetCommBreak
GetCurrentDirectoryA
GlobalLock
GetCommandLineA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.shared
Size: 150KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d56a2a36c564c5dc1dff17bb70b66168

Headers

File Characteristics

Imports

shell32

oleaut32

ole32

advapi32

kernel32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 111KB

.rsrc Size: 3KB - Virtual size: 3KB

.shared Size: 150KB - Virtual size: 259KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 111KB

.rsrc
Size: 3KB - Virtual size: 3KB

.shared
Size: 150KB - Virtual size: 259KB