168462e91e14cae60f3b68cc32344f5e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

168462e91e14cae60f3b68cc32344f5e_JaffaCakes118
Size

152KB
MD5

168462e91e14cae60f3b68cc32344f5e
SHA1

1b216f018159262fdd2e8e446afb48529170fac6
SHA256

cefd90c647e6845b95fe64ac134082bf688a25b5c047fc0eab1664f9366faa05
SHA512

d36887b26f5b689ecb8be5e573e03d0f25a0d62343db3653eaeb35a07c1235b422566bb4133a30fc06f2ca59e29fd41f8f53c8cf4c433524a9cf8cc0395c3245
SSDEEP

3072:AfzDuUdcG+2wadxeyjziU0kZtPYnp1zwQ:AfzzOG+2teyjh0krYp1z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
168462e91e14cae60f3b68cc32344f5e_JaffaCakes118

Files

168462e91e14cae60f3b68cc32344f5e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69b82539e5cef3911afc290df524a2df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
WriteFile
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetSystemTime
GetLastError
GetProcAddress
LoadLibraryA
GetDriveTypeA
GetLogicalDriveStringsA
CreateMutexA
SetFileAttributesA
Sleep
FindFirstFileA
FindNextFileA
FindClose
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
GetVersionExA
GetTempPathA
GetFullPathNameA
GetCurrentDirectoryA
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
MultiByteToWideChar
GetTimeZoneInformation
GetLocalTime
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
RaiseException
HeapFree
HeapReAlloc
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
FlushFileBuffers
SetFilePointer
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
LCMapStringA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA
SHGetSpecialFolderPathA
SHGetFolderPathA

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 4KB - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69b82539e5cef3911afc290df524a2df

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 20KB - Virtual size: 27KB

.sxdata Size: 4KB - Virtual size: 124B

.rsrc Size: 40KB - Virtual size: 36KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 20KB - Virtual size: 27KB

.sxdata
Size: 4KB - Virtual size: 124B

.rsrc
Size: 40KB - Virtual size: 36KB