0e5283c99636e9c588da5847e3214bde_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0e5283c99636e9c588da5847e3214bde_JaffaCakes118
Size

164KB
MD5

0e5283c99636e9c588da5847e3214bde
SHA1

0df7130ecb3c55ae14e63fe520bc1ce4396e015b
SHA256

a51b1eba2fb7497ae26d33dabad2c6f1e62cce3a40dec0494f3b25b35f79a499
SHA512

2805e8f5c1146a899fc80982592f4f5f9403b2cf8033b933c0acc57ef38c087cbb3ee06867a99d6eea8ef0c8b5c3517b0cdc83baf3aa5b95697d4d56c463de6c
SSDEEP

3072:toyZUHc9NkVLSgbYvox+MEOINCbHr61bx3Ti1MwgRF1YGFG:W/HcTch0v7MEFNCHUbx3+Mwg2GI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e5283c99636e9c588da5847e3214bde_JaffaCakes118

Files

0e5283c99636e9c588da5847e3214bde_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c9152d7b07c513e5e6f48620512b11d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

user32

GetClassLongA
MessageBoxW

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

kernel32

GetStartupInfoA
TerminateProcess
GetLocaleInfoW
HeapDestroy
GetACP
EnumSystemLocalesA
InterlockedDecrement
HeapSize
GetLocaleInfoA
GetStringTypeW
GetCommandLineA
LeaveCriticalSection
ExitProcess
IsValidLocale
GetThreadPriority
Sleep
TlsGetValue
SetStdHandle
UnhandledExceptionFilter
InterlockedIncrement
GetCurrentProcessId
LoadLibraryA
EnterCriticalSection
GetVersionExA
SetCommTimeouts
GetModuleHandleA
WriteConsoleA
GlobalAlloc
GetFullPathNameW
GetConsoleCP
IsValidCodePage
TlsSetValue
VirtualFree
RtlUnwind
QueryPerformanceCounter
HeapReAlloc
HeapAlloc
EnumResourceNamesA
LCMapStringW
GetLastError
GetModuleFileNameA
CreateFileA
GetUserDefaultLCID
RaiseException
GetCurrentThreadId
GetStringTypeA
IsDebuggerPresent
GetProcessHeap
GetConsoleOutputCP
GetFileType
GetTickCount
GetCurrentProcess
FreeEnvironmentStringsW
GetConsoleMode
VirtualAlloc
TlsAlloc
GetEnvironmentStrings
GetOEMCP
CloseHandle
GetStdHandle
ExitProcess
GetModuleFileNameW
InitializeCriticalSection
GetSystemTimeAsFileTime
FlushFileBuffers
GetProcAddress
HeapFree
MultiByteToWideChar
SetLastError
FreeEnvironmentStringsA
HeapCreate
WriteConsoleW
GetCPInfo
GetEnvironmentStringsW
SetHandleCount
SetUnhandledExceptionFilter
DeleteCriticalSection
LCMapStringA
WriteFile
WideCharToMultiByte
ReadFile
GetCurrentDirectoryW
SetFilePointer
TlsFree
SetEndOfFile
GetFullPathNameA

ole32

StringFromGUID2
CoCreateInstance
CoCreateGuid
CoUninitialize
CoInitialize
CoSetProxyBlanket

rpcrt4

UuidCreate

shlwapi

SHDeleteKeyW

Sections

.text
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c9152d7b07c513e5e6f48620512b11d

Headers

File Characteristics

Imports

advapi32

user32

shell32

kernel32

ole32

rpcrt4

shlwapi

Sections

.text Size: 133KB - Virtual size: 132KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 26KB - Virtual size: 26KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 133KB - Virtual size: 132KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 26KB - Virtual size: 26KB

.crt
Size: 512B - Virtual size: 72KB