381300528c93362f563a8d39a026b40a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

381300528c93362f563a8d39a026b40a_JaffaCakes118
Size

268KB
MD5

381300528c93362f563a8d39a026b40a
SHA1

2dd8381fa66b715f705fb295c0d6d1aaee7f3b80
SHA256

81875a4d97d27f19fd22123226e16d65c16644dc138701ab1e4770dd6eab6479
SHA512

66438e50e3329d8ebdca1855c3cc0ab2e1e54d276b59e52d93119aae252f794350fdf557bde0d4317946b81591e0d2c39bd5e4ba8a78ebf4c0f9d5d298d02691
SSDEEP

6144:nQUgZLVJcbg+SWrzM21TnBRB8upcRT7H8SU:nROxX6zM2nyV7cSU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
381300528c93362f563a8d39a026b40a_JaffaCakes118

Files

381300528c93362f563a8d39a026b40a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6d247425f05126d7dd08246aec132dd0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrlenA
GetShortPathNameA
GetModuleHandleA
lstrlenW
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
GetProcAddress
GetSystemDirectoryA
GetCommandLineA
WritePrivateProfileStringA
GetWindowsDirectoryA
WaitForSingleObject
CreateProcessA
GetVersionExA
LoadLibraryA
GetTempFileNameA
GetTempPathA
GetACP
GetCurrentProcess
WritePrivateProfileSectionA
GetPrivateProfileSectionA
MoveFileExA
WriteFile
GetFileSize
lstrcmpA
LocalAlloc
GetVersion
FlushFileBuffers
SetStdHandle
SetFilePointer
IsBadCodePtr
IsBadReadPtr
VirtualQuery
GetSystemInfo
VirtualProtect
GetLocaleInfoA
HeapSize
IsBadWritePtr
VirtualAlloc
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
LCMapStringW
LCMapStringA
GetCPInfo
GetOEMCP
ReadFile
MultiByteToWideChar
GetModuleFileNameA
FormatMessageA
GetFileAttributesA
SetFileAttributesA
DeleteFileA
LocalFree
CopyFileA
UnmapViewOfFile
CloseHandle
CreateFileMappingA
MapViewOfFile
GetLastError
GetEnvironmentVariableA
SetEnvironmentVariableA
InitializeCriticalSection
WideCharToMultiByte
VirtualFree
HeapCreate
HeapDestroy
TlsAlloc
TlsGetValue
TlsSetValue
GetCurrentThreadId
SetLastError
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
TerminateProcess
ExitProcess
GetSystemTimeAsFileTime
GetStartupInfoA
RaiseException
RtlUnwind
HeapFree
HeapReAlloc
HeapAlloc

user32

CharPrevA
LoadStringA
MessageBoxA
ExitWindowsEx
SetForegroundWindow
GetSystemMetrics
CharNextA

oleaut32

SysAllocStringLen
SysFreeString
SysStringLen
VarUI4FromStr
SysAllocString

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
InitiateSystemShutdownA
RegEnumValueA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

CoInitialize
CoRevokeClassObject
StringFromCLSID
CoUninitialize
CoLoadLibrary
CoRegisterClassObject
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoFreeUnusedLibraries

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

shell32

ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6d247425f05126d7dd08246aec132dd0

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

advapi32

ole32

version

shell32

Sections

.text Size: 84KB - Virtual size: 81KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 3KB

.text Size: 168KB - Virtual size: 168KB

.text
Size: 84KB - Virtual size: 81KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 3KB

.text
Size: 168KB - Virtual size: 168KB