083fe884ab8e6ffb61b3d87e202ca329_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

083fe884ab8e6ffb61b3d87e202ca329_JaffaCakes118
Size

172KB
MD5

083fe884ab8e6ffb61b3d87e202ca329
SHA1

90cc153d98b8c9be0f88ee5ce8659f45a9f3b257
SHA256

10428245513eb790d12f20e4a88d934f06134fba5c1b00c4f3ceb0470a48f2a4
SHA512

e57fc66d1bb13dbcfd463a70c5e6145247f97f8fe074447bc4b9c775f3fde481a92c759c88a2cbc804c11fe93d4452a4f25dced045eeca024c500bc9dc737d27
SSDEEP

3072:KRfTIjNsfhfCE7jzrF9iAUJ4EQzzlRUhjnEOo47dq7O5O7G46quH5:KRfjhKE7jzrF4AUJbszIhjEOZ7sK5quZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
083fe884ab8e6ffb61b3d87e202ca329_JaffaCakes118

Files

083fe884ab8e6ffb61b3d87e202ca329_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f9f18098ca56cea2d3293ce94ed800a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathGetArgsW
PathIsUNCW
SHRegGetValueW
StrDupW
PathSkipRootW
PathFindFileNameW

gdiplus

GdipGetImageWidth
GdipDisposeImage

advapi32

RegEnumValueW
EncryptFileW
RegEnumKeyW
RegSetValueExW
RegOpenKeyExW
DecryptFileW
RegCreateKeyExW
RegQueryValueExW
RegQueryInfoKeyW
RegCloseKey

user32

GetGUIThreadInfo
GetWindowThreadProcessId
AllowSetForegroundWindow
GetPropW
GetClassNameW
GetForegroundWindow

ole32

CoGetDefaultContext
CoUninitialize
CoTaskMemAlloc
StringFromGUID2
CoInitialize
CoTaskMemFree

kernel32

LocalAlloc
FindNextFileW
SetFileAttributesW
DuplicateHandle
OutputDebugStringA
InterlockedExchange
SetEnvironmentVariableW
GetCalendarInfoW
UnhandledExceptionFilter
lstrlenW
WideCharToMultiByte
IsWow64Process
EncodePointer
SetLastError
GetModuleFileNameW
ExitProcess
GetFileInformationByHandle
GetFileAttributesW
GetProcAddress
UnmapViewOfFile
GetCurrentDirectoryW
GetTickCount
LoadLibraryW
GetFileSizeEx
GetProcessId
ReleaseMutex
MapViewOfFile
GetLastError
VirtualProtect
EnumResourceNamesA
InterlockedCompareExchange
GetModuleHandleW
MultiByteToWideChar
CreateDirectoryW
OutputDebugStringW
SearchPathW
CreateFileMappingW
QueryPerformanceCounter
FreeLibrary
SetUnhandledExceptionFilter
FindFirstFileW
GetLogicalDriveStringsW
Sleep
InitializeCriticalSection
QueryDosDeviceW
FindClose
GetCurrentThreadId
GetSystemTimeAsFileTime
EnterCriticalSection
WaitForSingleObject
GetModuleHandleA
lstrcmpiW
OpenProcess
LocalFree
VirtualQuery
GetCurrentProcess
CreateMutexW

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f9f18098ca56cea2d3293ce94ed800a

Headers

File Characteristics

Imports

shlwapi

gdiplus

advapi32

user32

ole32

kernel32

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 66KB - Virtual size: 65KB

.edata Size: 1024B - Virtual size: 92KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 66KB - Virtual size: 65KB

.edata
Size: 1024B - Virtual size: 92KB