0e71133930f101809794f4deaef2c589_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0e71133930f101809794f4deaef2c589_JaffaCakes118
Size

102KB
MD5

0e71133930f101809794f4deaef2c589
SHA1

7486cb96bd1124c405e227e8505a4a29c363dca2
SHA256

9b50560fbff3f69ac8f18666f9e980372a1aa114c09a048760d5ef59b6f24112
SHA512

d674a1eab9cbf8a1b79e24ed121ec7bd2d23f8b68df1a640a37e77c5b74e31a8c2ee055332b05fd9ebab04e1d8b0eb08560f2499b29c5a49cb376bb1e47201b5
SSDEEP

1536:a7VPC/RkKCXc2cDSGvhIvBibz5Mt/eGmViTOJmCzytVN:+xC5kKCFcuvBibNKi0+zytVN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e71133930f101809794f4deaef2c589_JaffaCakes118

Files

0e71133930f101809794f4deaef2c589_JaffaCakes118
.exe windows:4 windows x86 arch:x86

076427859c39408dab748be231a22a7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
SetFileAttributesW
GetVersionExW
GetLastError
CreateProcessW
HeapAlloc
HeapFree
GetEnvironmentStringsW
WaitForSingleObject
GetProcessHeap
GetExitCodeProcess
FreeEnvironmentStringsW
FreeLibrary
LoadLibraryW
GetProcAddress
GetModuleHandleW
OpenProcess
TerminateProcess
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
Sleep
FindNextFileW
RemoveDirectoryW
SetCurrentDirectoryW
FindClose
GetFileAttributesW
FindFirstFileW
CloseHandle
GetEnvironmentVariableW
CreateFileA
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
ExitProcess
GetVersionExA
GetStartupInfoW
RaiseException
RtlUnwind
GetCPInfo
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
GetACP
GetOEMCP
HeapSize
GetModuleFileNameA
LoadLibraryA
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle

advapi32

RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

076427859c39408dab748be231a22a7b

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 78KB - Virtual size: 78KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 512B - Virtual size: 176B

.text
Size: 78KB - Virtual size: 78KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 512B - Virtual size: 176B