0a9499b48fa405ad87f70cb94903fa4d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a9499b48fa405ad87f70cb94903fa4d_JaffaCakes118
Size

232KB
MD5

0a9499b48fa405ad87f70cb94903fa4d
SHA1

22d0fb84878d74bb8843869e9d35d365f6102c37
SHA256

df588b3b9fbd91d1afadaafb071ce9dd3bda248eecfb00601a9576fab5341ad4
SHA512

3f7f0f5338044cf519348489a4b943b14dbfcd7940727aa832bce17f0dfe7b033214acae9becc64f4feb9139bb23b18a31132cdfa30ef8f36187bab40adf7444
SSDEEP

6144:dpBI9Fzza9II3EDueetf8N/9pl6geKIyuAtOTL6d:1I95zPC61yoKU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a9499b48fa405ad87f70cb94903fa4d_JaffaCakes118

Files

0a9499b48fa405ad87f70cb94903fa4d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ce2716f6ccef5f67a3cd2ed678638d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNumberFormatW
OpenFile
lstrcmpiW
CreateMutexW
QueryPerformanceCounter
MoveFileExW
HeapAlloc
LoadLibraryA
lstrcpyW
ExitProcess
GetFileAttributesW
WriteConsoleOutputA
lstrcmpA
CreateMailslotA
InterlockedExchange
GetTickCount
FoldStringA
GetModuleHandleA
VirtualFreeEx
GetProfileSectionW
RtlUnwind
TerminateProcess
GetModuleFileNameA
HeapReAlloc
CreateProcessA
GetCurrentThreadId
VirtualAlloc
GetConsoleCursorInfo
GetProcAddress
GetDriveTypeA
GetCurrentProcess
HeapFree
GetLogicalDriveStringsW
WriteProfileStringA
ResumeThread
GlobalCompact
VirtualQuery
SetThreadIdealProcessor
ConvertDefaultLocale
GetSystemTimeAsFileTime
GetEnvironmentVariableW
GetCurrentProcessId

shell32

ShellExecuteExA
SHGetDiskFreeSpaceA
SHQueryRecycleBinW
SHGetNewLinkInfo
ExtractAssociatedIconA
SHGetSettings
SHGetPathFromIDListW
DoEnvironmentSubstW
SheSetCurDrive
FindExecutableA
SHAddToRecentDocs
DoEnvironmentSubstA

gdi32

CreateDCW
GetCharacterPlacementW
UnrealizeObject
UpdateColors
ResetDCW
ExtEscape
CreatePen
GetCharacterPlacementA
ColorCorrectPalette
BeginPath
SetDIBits
GetBkColor
OffsetViewportOrgEx
GetCharABCWidthsFloatA
ExcludeClipRect
GetCharABCWidthsFloatW
SetWinMetaFileBits
EnumFontFamiliesExA
SetBoundsRect
CancelDC
FixBrushOrgEx
GetArcDirection
BitBlt

advapi32

CryptSetProviderW
CryptVerifySignatureW
RegDeleteValueW
CryptEnumProviderTypesA
RegReplaceKeyA
RegLoadKeyW
RegQueryMultipleValuesW
CryptDestroyHash
CryptGetDefaultProviderA
CryptSetHashParam
CryptSetProviderExA
DuplicateTokenEx
CryptEnumProvidersW
StartServiceW
RegCreateKeyW
RegCreateKeyA

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ce2716f6ccef5f67a3cd2ed678638d6

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

advapi32

Sections

.text Size: 117KB - Virtual size: 117KB

.data Size: 103KB - Virtual size: 102KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 117KB - Virtual size: 117KB

.data
Size: 103KB - Virtual size: 102KB

.rsrc
Size: 10KB - Virtual size: 10KB