d0305ccdc35b1e377209af5f153ecde7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d0305ccdc35b1e377209af5f153ecde7_JaffaCakes118
Size

142KB
MD5

d0305ccdc35b1e377209af5f153ecde7
SHA1

2688f2d5264346ff9fe43a92a766d4ea9e708660
SHA256

8dec43f174c34238bd38d28febea66bf6341f83b7844b5c8de82bf2a56b5a8bd
SHA512

ddd5577c61139def17e98bb48a0f1e2fb65cb1e3fb5d5dd8b67310b16c8e14176032c7a35cd5463195441fe9e05ba7a1e7812f7ddb05c091166b8efb79653fbe
SSDEEP

3072:Wiv8RkjtJjqcWsCIIIwighjeVpAOSGLii0FJtRni:Wi0R4baIIIwf+Lii0FJ3i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0305ccdc35b1e377209af5f153ecde7_JaffaCakes118

Files

d0305ccdc35b1e377209af5f153ecde7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0649a8d891a84be8f89eedc30b58862

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

psapi

EnumProcesses
GetModuleFileNameExA

kernel32

SetEndOfFile
ReadFile
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
SetFilePointer
HeapReAlloc
VirtualAlloc
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
CloseHandle
OpenProcess
GetCurrentProcessId
GetSystemDirectoryA
GetModuleFileNameA
CreateDirectoryA
GetProcAddress
LoadLibraryA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetWindowsDirectoryA
CreateFileA
lstrcpyA
GetCurrentDirectoryA
GetLastError
DeleteFileA
SetFileAttributesA
CopyFileA
MoveFileExA
CompareFileTime
GetFileTime
GetTempFileNameA
GetTempPathA
FindClose
FindFirstFileA
FreeLibrary
GetCurrentProcess
GetVersionExA
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e0649a8d891a84be8f89eedc30b58862

Headers

File Characteristics

Imports

advapi32

version

psapi

kernel32

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 146KB

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 146KB

.rsrc
Size: 76KB - Virtual size: 76KB