f557a182af99276a0ce239009e95467d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f557a182af99276a0ce239009e95467d_JaffaCakes118
Size

12KB
MD5

f557a182af99276a0ce239009e95467d
SHA1

84a485cb06a60478e40e793722a1d89c436ac8a0
SHA256

1c238dad7d36c51deea6648e8f6c746920ee706a318588d39d612e964e3ec43d
SHA512

2ff6ce27f47ad2fa55faa43571efdbc2c0185e8ee34aff137d4e6a329cdf47182831817af2b9ed40c5fa15407f3b4b5c31b393c61315c1549d0d342ab88dde92
SSDEEP

192:0ntcfqqd65dEh1KxFTNDxDdP1HHaU1jwgWeQ:0ntqJyBzTNX1afeQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f557a182af99276a0ce239009e95467d_JaffaCakes118

Files

f557a182af99276a0ce239009e95467d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9a9322327c1f6c71d6db9c30c9858a23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DeregisterEventSource
SetSecurityDescriptorDacl
RegisterEventSourceA
InitializeSecurityDescriptor
RegisterServiceCtrlHandlerA

ole32

CreateItemMoniker
CoCreateInstance
CoInitialize
CoTaskMemFree
CoUninitialize
GetRunningObjectTable

kernel32

InterlockedIncrement
GetPrivateProfileIntW
LocalReAlloc
QueryPerformanceCounter
OpenMutexW
lstrlenA
GetLastError
FreeLibrary
RaiseException
FormatMessageW
CopyFileW
GetCurrentProcessId
GetDiskFreeSpaceExW
ExpandEnvironmentStringsW
GetFullPathNameW
ReadFile
GetCurrentProcess
lstrlenW
GetCommandLineW
SetFilePointer
FormatMessageA
SetLocalTime
GetWindowsDirectoryW
DeviceIoControl
GetVolumeInformationW
OpenSemaphoreA
DeleteFileW
GetSystemDirectoryW
OpenEventW
GetProcAddress
HeapFree
LocalAlloc
HeapAlloc
WideCharToMultiByte
GetModuleHandleA
GetStartupInfoA
GetDateFormatW
IsValidLocale
HeapSize
GetFileAttributesW
SetLastError
MultiByteToWideChar
ReleaseMutex
GetPrivateProfileSectionW
CreateMutexW
CloseHandle
GlobalWire
FindResourceA
FlushViewOfFile
GetLogicalDriveStringsW
GetTickCount
Sleep
GlobalAlloc
UnhandledExceptionFilter
GetExitCodeProcess
GlobalFree
SetCurrentDirectoryW
OpenFileMappingW
QueryDosDeviceW
InterlockedDecrement
GetTimeFormatW
lstrcmpW
GetTempPathW
SetUnhandledExceptionFilter
LocalFree
GetDriveTypeW
WriteFile
InterlockedExchange
HeapReAlloc
GetSystemTimeAsFileTime
SetVolumeLabelA
GetProcessHeap
GetCurrentThreadId
GetModuleFileNameW
CreateDirectoryW
CreateFileW
GetPrivateProfileStringW
lstrcmpiW

shell32

Shell_NotifyIconA

oleaut32

DllUnregisterServer
RegisterActiveObject
GetActiveObject

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ecgt
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 140KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a9322327c1f6c71d6db9c30c9858a23

Headers

File Characteristics

Imports

advapi32

ole32

kernel32

shell32

oleaut32

Sections

.text Size: 9KB - Virtual size: 9KB

.data Size: 5KB - Virtual size: 115KB

.ecgt Size: 3KB - Virtual size: 3KB

.edata Size: 140KB - Virtual size: 271KB

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 5KB - Virtual size: 115KB

.ecgt
Size: 3KB - Virtual size: 3KB

.edata
Size: 140KB - Virtual size: 271KB