04d13f2d39f69722e23a8efb567a0c88_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

04d13f2d39f69722e23a8efb567a0c88_JaffaCakes118
Size

300KB
MD5

04d13f2d39f69722e23a8efb567a0c88
SHA1

7932a51116bf48998548bcc2a998cea06dcf129c
SHA256

eb7cdda3158719e76b54d74d6840b59345c0c3afd6e8d21288076db59fbcb8af
SHA512

eafd87757c0e60a385b49c1ffa4689a0da0159ed103e5cc37b772577aa6aa16bb445ba511a916aa9ebf33dfb6262163df242182946d1294dcb9932477c109333
SSDEEP

3072:VyUmZxqDSypsa4hU5wiLz+iK0QAo9gEPHbHvXb/Y7mnv39+c6WJzGGo97ngk:0UmuHSOz9Keo+ujvXbomv39Z6Dnh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04d13f2d39f69722e23a8efb567a0c88_JaffaCakes118

Files

04d13f2d39f69722e23a8efb567a0c88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ff95ac231a8ea9bcbe630bf3591ef03f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
OpenEventA
CreateNamedPipeA
DeleteFileA
DeviceIoControl
DisconnectNamedPipe
DuplicateHandle
GetConsoleCP
GetExitCodeThread
GetModuleFileNameA
GetNamedPipeInfo
GetCurrentProcessId
GetProcessVersion
GetStdHandle
GetCurrentThreadId
GetThreadLocale
GetUserDefaultLCID
IsSystemResumeAutomatic
IsValidCodePage
IsValidLocale
CloseHandle
ReleaseSemaphore
ResetEvent
SetFilePointer
GetBinaryTypeA
GetFileType
CancelIo
CallNamedPipeA
BackupSeek
BackupRead
lstrcmpA
lstrlenA
GetDriveTypeW
GetDriveTypeA
GetWindowsDirectoryW
GetCurrentDirectoryA
GetSystemDirectoryW
GetSystemDirectoryA
GetFileAttributesA
GetFileAttributesW
lstrcmpW
HeapFree
GetProcessHeap
ReleaseMutex
HeapAlloc

ole32

OleRun

winmm

timeBeginPeriod
SendDriverMessage
OpenDriver
GetDriverModuleHandle
timeEndPeriod
DrvGetModuleHandle

user32

ReleaseDC

advapi32

RegLoadKeyA
GetUserNameA
GetUserNameW

msvcrt

toupper

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

SHDeleteKeyA
SHGetValueA
SHGetValueW
SHQueryValueExA
SHDeleteEmptyKeyW
PathIsRootA
SHEnumKeyExA
SHCopyKeyA
SHCopyKeyW
SHDeleteEmptyKeyA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 628KB - Virtual size: 626KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff95ac231a8ea9bcbe630bf3591ef03f

Headers

File Characteristics

Imports

kernel32

ole32

winmm

user32

advapi32

msvcrt

version

shlwapi

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 628KB - Virtual size: 626KB

.rsrc Size: 4KB - Virtual size: 776B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 628KB - Virtual size: 626KB

.rsrc
Size: 4KB - Virtual size: 776B

.reloc
Size: 4KB - Virtual size: 2KB