1754c5a9f6b5993c50e9243a75fd4e1a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1754c5a9f6b5993c50e9243a75fd4e1a_JaffaCakes118
Size

169KB
MD5

1754c5a9f6b5993c50e9243a75fd4e1a
SHA1

b470cb8f75d1dd316090a4192123e1e1a39a0754
SHA256

bd3977f700cc48caa11b6b83a6a7b752d1bdf74054acbc809eea9093b130ee7b
SHA512

05613d5d726a6e5d2c3334f0fa25424b7c71133db9740d6976934208c0cf27ab2e79c2c358f8977fd087b29925b07cb389fc7739920cd26f01ff0c53300792b2
SSDEEP

3072:+QPzjCUSV3/X7qX81hcqLK8O7PffqIFQRdcib1vXAkq7NMvre0ET5CROfi4yF9Dv:vmvyk7K57PfCIiukRrha5nfi4yFx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1754c5a9f6b5993c50e9243a75fd4e1a_JaffaCakes118

Files

1754c5a9f6b5993c50e9243a75fd4e1a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09abd344f8257b4046743adb1d17a6c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Lost Folder Info\ProjFileNameData

Imports

kernel32

GlobalHandle
CreateWaitableTimerW
OpenFile
CreateMutexW
FileTimeToLocalFileTime
GetAtomNameA
TlsFree
GetSystemDirectoryW
FlushFileBuffers
GlobalFree
GetNumberFormatA
FindNextFileW
WaitForMultipleObjectsEx
QueryDosDeviceW
QueryPerformanceCounter
GetACP
GetFileSize
SetLocalTime
lstrcmpW
DeleteFileW
GetNumberFormatW
SetSystemTimeAdjustment
LoadLibraryExW
OpenSemaphoreW
CreateWaitableTimerA
MulDiv
GetOverlappedResult
GetShortPathNameA
GetCurrentThreadId
LoadLibraryExA
EnterCriticalSection
GetCurrentThread
GetSystemTime
GetThreadPriority
SetUnhandledExceptionFilter
LeaveCriticalSection
TryEnterCriticalSection
GetHandleInformation
lstrcpynA
SetCommState
GetBinaryTypeA
SizeofResource
SetCommMask
GetLocalTime
FileTimeToSystemTime
IsBadCodePtr
LoadLibraryW
GetCommandLineW
CreateMutexA
GlobalReAlloc
GlobalMemoryStatusEx
GetModuleFileNameW
FoldStringW
GlobalGetAtomNameA
lstrlenW
HeapCreate
FormatMessageW
GetTimeFormatW
GetStdHandle
GetTimeFormatA
LoadResource
HeapReAlloc
GetStartupInfoW
LockResource
LoadLibraryA
ReadFile
GetFullPathNameA
WaitForSingleObjectEx
MoveFileW
ResumeThread
GetBinaryTypeW
GetSystemDefaultLangID
RemoveDirectoryA
FindResourceExW
DeviceIoControl
ExitThread
MultiByteToWideChar
GetCommProperties
GetModuleHandleW
CompareStringW
GetProcAddress
GlobalGetAtomNameW
LocalFree
CreateSemaphoreA
GetThreadContext
VerSetConditionMask
UnmapViewOfFile
GlobalCompact
GlobalAddAtomA
EnumResourceNamesW
CreateRemoteThread
GetFileTime
CreateThread
IsDBCSLeadByte
GlobalFlags
EnumResourceTypesA
SystemTimeToFileTime
CreateNamedPipeW
FindNextFileA
UnlockFile
SetFilePointer
CallNamedPipeW
FindResourceW
IsBadReadPtr
LocalLock
HeapValidate
SetCurrentDirectoryA
GlobalAddAtomW
HeapLock
EnumSystemLocalesA
FindFirstFileW
CreateFileA
VirtualProtect
RaiseException
GetCPInfo
CreateFileMappingA
IsDBCSLeadByteEx
CompareStringA
lstrcatW
CreateEventW
CreateFileW
GetWindowsDirectoryW
HeapWalk

psapi

QueryWorkingSet

shlwapi

PathUnmakeSystemFolderA

advapi32

RegQueryValueExA
RegQueryValueExW
RegReplaceKeyA

Sections

.text
Size: 135KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09abd344f8257b4046743adb1d17a6c3

Headers

File Characteristics

PDB Paths

Imports

kernel32

psapi

shlwapi

advapi32

Sections

.text Size: 135KB - Virtual size: 143KB

.data Size: 29KB - Virtual size: 29KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 135KB - Virtual size: 143KB

.data
Size: 29KB - Virtual size: 29KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB