11cea6c3f06f5de6b6b091b84cfae5fe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

11cea6c3f06f5de6b6b091b84cfae5fe_JaffaCakes118
Size

259KB
MD5

11cea6c3f06f5de6b6b091b84cfae5fe
SHA1

6d2ca400a8a2cc998bd1abbeac3f880a89de0657
SHA256

e4a639dfa568ed451b565271ee9609cf7d14159c86a71f9bab73677001bc9838
SHA512

88d966123d24b2a1fad3aebfdec01c04d6de2288c47d43dbfb0002820cf8d7d4173a11eeda4d05cb32c30e852a91f445b586e4890e176499ddce8356f4fc0620
SSDEEP

6144:4Jq7LCU0Kq998YpLr1hoAwC5kw5uLPB2J6Q7zspekOtCzaghT3jilNrMqC:4ACU0R/3pLrQdIkOuzop7zsgCzV13j8M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11cea6c3f06f5de6b6b091b84cfae5fe_JaffaCakes118

Files

11cea6c3f06f5de6b6b091b84cfae5fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f62d46bf5b6ba1b8ae98757d477e1a3d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

kernel32

HeapAlloc
lstrlenW
CreateDirectoryA
UnhandledExceptionFilter
WideCharToMultiByte
lstrlenA
DeleteCriticalSection
SizeofResource
HeapReAlloc
EnterCriticalSection
RaiseException
HeapFree
HeapDestroy
HeapSize
GetProcessHeap
GetACP
GetCurrentThreadId
SetUnhandledExceptionFilter
LeaveCriticalSection
FindResourceExA
GetSystemTimeAsFileTime
FindResourceA
GetThreadLocale
IsDebuggerPresent
LoadResource
LockResource
GetCurrentProcess
VirtualAllocEx
GetModuleHandleA

user32

CharLowerBuffA
UnregisterClassA

shlwapi

PathIsRootW
UrlIsNoHistoryA
UrlCanonicalizeA
PathIsSystemFolderW
StrCatBuffA
SHRegQueryUSValueA
wvnsprintfA
PathRemoveArgsW
StrCmpNA
SHGetInverseCMAP
SHQueryInfoKeyA
PathMakePrettyA
PathSearchAndQualifyA
PathParseIconLocationA
StrRetToBufW
StrChrA
SHRegWriteUSValueA
StrStrA
PathCommonPrefixA
PathFindFileNameA
UrlIsW
SHEnumValueA
SHRegSetPathA

msrating

VerifySupervisorPassword

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.BawZ
Size: 512B - Virtual size: 287B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UHlc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xLqPw
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wyEj
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SwUDlz
Size: 1024B - Virtual size: 975B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.NpNvHd
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xnam
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HMHwikw
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 214KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dRbupA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MCzKxR
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Fbmcq
Size: 1024B - Virtual size: 549B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f62d46bf5b6ba1b8ae98757d477e1a3d

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

shlwapi

msrating

Sections

.text Size: 20KB - Virtual size: 19KB

.BawZ Size: 512B - Virtual size: 287B

.UHlc Size: 2KB - Virtual size: 1KB

.xLqPw Size: 2KB - Virtual size: 1KB

.wyEj Size: 3KB - Virtual size: 2KB

.SwUDlz Size: 1024B - Virtual size: 975B

.rdata Size: 2KB - Virtual size: 1KB

.NpNvHd Size: 3KB - Virtual size: 2KB

.xnam Size: 2KB - Virtual size: 2KB

.HMHwikw Size: 2KB - Virtual size: 2KB

.data Size: 214KB - Virtual size: 1.2MB

.rsrc Size: 4KB - Virtual size: 4KB

.dRbupA Size: 2KB - Virtual size: 1KB

.MCzKxR Size: 1KB - Virtual size: 1KB

.Fbmcq Size: 1024B - Virtual size: 549B

.text
Size: 20KB - Virtual size: 19KB

.BawZ
Size: 512B - Virtual size: 287B

.UHlc
Size: 2KB - Virtual size: 1KB

.xLqPw
Size: 2KB - Virtual size: 1KB

.wyEj
Size: 3KB - Virtual size: 2KB

.SwUDlz
Size: 1024B - Virtual size: 975B

.rdata
Size: 2KB - Virtual size: 1KB

.NpNvHd
Size: 3KB - Virtual size: 2KB

.xnam
Size: 2KB - Virtual size: 2KB

.HMHwikw
Size: 2KB - Virtual size: 2KB

.data
Size: 214KB - Virtual size: 1.2MB

.rsrc
Size: 4KB - Virtual size: 4KB

.dRbupA
Size: 2KB - Virtual size: 1KB

.MCzKxR
Size: 1KB - Virtual size: 1KB

.Fbmcq
Size: 1024B - Virtual size: 549B