0b4844a7dcd6d5ae10f9b66d0351e614_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0b4844a7dcd6d5ae10f9b66d0351e614_JaffaCakes118
Size

228KB
MD5

0b4844a7dcd6d5ae10f9b66d0351e614
SHA1

f27aea539347d301867f2d023fbc628d68834fe7
SHA256

af2c1dfacd83fd8efdcc40c38eee355707d24eef83371416f83fdb20ea0cfc8f
SHA512

c7ad3ff668f687a551a02cdb1c20b61c29c1e8a9b45790fffe20ec95bb3c2780719f1a4d67a07557c68e6759e141967f3e6384a76848d962af8e974124673703
SSDEEP

3072:RfvE/8TGxvv9P7+1TbSTjCO3AgpAkSY+WyZ9Cer61uCJz2mZnHIF4N6DVYAkgxWU:REv0TmTj/Akieymps4opwtPA1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b4844a7dcd6d5ae10f9b66d0351e614_JaffaCakes118

Files

0b4844a7dcd6d5ae10f9b66d0351e614_JaffaCakes118
.exe windows:4 windows x86 arch:x86

74c85e8b54e93761ab523979bd446cdd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindNextFileA
FindFirstFileA
GetFileType
GetLastError
GetFileSize
GetSystemInfo
SetFilePointer
SetEndOfFile
CreateFileA
ReadFile
WriteFile
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
MultiByteToWideChar
GetVersionExA
GetCPInfo
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
WritePrivateProfileSectionA
GetPrivateProfileSectionA
GetShortPathNameA
GetWindowsDirectoryA
MoveFileExA
RtlUnwind
GetCommandLineA
GetVersion
ExitProcess
RaiseException
HeapReAlloc
HeapAlloc
HeapFree
SetHandleCount
GetStdHandle
RemoveDirectoryA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapSize
InitializeCriticalSection
SetUnhandledExceptionFilter
GetProcAddress
VirtualAlloc
IsBadWritePtr
FlushFileBuffers
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
SetStdHandle
GetTimeZoneInformation
SetEnvironmentVariableA
DeleteFileA
OpenEventA
SetEvent
ReleaseMutex
CloseHandle
OpenMutexA
CreateMutexA
GetStartupInfoA
WaitForSingleObject
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey

Sections

.text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

STLPORT_
Size: 4KB - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ifc
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

74c85e8b54e93761ab523979bd446cdd

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 172KB - Virtual size: 168KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 29KB

STLPORT_ Size: 4KB - Virtual size: 32B

.ifc Size: - Virtual size: 1B

.text
Size: 172KB - Virtual size: 168KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 29KB

STLPORT_
Size: 4KB - Virtual size: 32B

.ifc
Size: - Virtual size: 1B