10bc79f1e5300f1b42f5d56574748fb1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

10bc79f1e5300f1b42f5d56574748fb1_JaffaCakes118
Size

128KB
MD5

10bc79f1e5300f1b42f5d56574748fb1
SHA1

9b2a30f4da08473f890f497352aaf977e4fd76bd
SHA256

88d93aad93d162340ff29da012c1c99781f533848e211a2861f868f10ed066ce
SHA512

2f8d61fa7f55e32a0fde06e475b2fe2de6d78f28f0961b200b5d01f2aaf66129a0b2a0756b598e40bb97d0b455bf74f9358ececd5fa7907873893a6db8219bfb
SSDEEP

3072:q0lwoRFdb4mGUeN1cSZ3g6NwqX8+oAFl/hpbihuoxYoP:VdEPhQ6NhHoElJpkuwrP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10bc79f1e5300f1b42f5d56574748fb1_JaffaCakes118

Files

10bc79f1e5300f1b42f5d56574748fb1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b12d00a1e5826d6da2ba94b032a86863

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
QueryPerformanceCounter
MultiByteToWideChar
LeaveCriticalSection
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapDestroy
GetVersionExA
GetTickCount
GetSystemTimeAsFileTime
GetModuleHandleA
GetModuleFileNameA
GetCurrentProcessId
GetCurrentProcess
EnterCriticalSection
Sleep
CreateThread
CreateFileA
CreateEventA
GetProcAddress
ExitProcess
GetCommandLineA
GetStringTypeA
LCMapStringW
LCMapStringA
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
WriteFile
RtlUnwind
UnhandledExceptionFilter
lstrcmpiA
LocalAlloc
LocalFree
GetProcessHeap
HeapAlloc
HeapFree
ReadFile
GetLastError
FlushFileBuffers
DisconnectNamedPipe
CloseHandle
lstrcpyA
DeleteCriticalSection
lstrlenA
VirtualFree
HeapCreate
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
LoadLibraryA
GetStartupInfoA
GetVersion
TerminateProcess
FreeEnvironmentStringsA

user32

BeginPaint
wsprintfA
TranslateMessage
SetTimer
PostQuitMessage
PostMessageA
PeekMessageA
MessageBoxA
GetParent
GetWindowTextLengthA
KillTimer

advapi32

RegEnumKeyExA
GetLengthSid
GetTokenInformation
RegEnumValueA
RegQueryValueExA
RegOpenKeyA
AllocateAndInitializeSid
SetEntriesInAclA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExA
FreeSid
RegCloseKey
RegQueryInfoKeyA

ole32

CoInitialize
OleRun
OleSetClipboard
OleSaveToStream
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b12d00a1e5826d6da2ba94b032a86863

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 100KB - Virtual size: 101KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 100KB - Virtual size: 101KB

.reloc
Size: 4KB - Virtual size: 3KB