ed820e0d4814a9d6099f2e501491a047_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ed820e0d4814a9d6099f2e501491a047_JaffaCakes118
Size

297KB
MD5

ed820e0d4814a9d6099f2e501491a047
SHA1

29489cc4dde70d67ca738c87af49a67b5dc98e37
SHA256

5bbe8dc28b72d410c8b6a854c4c730d0dad255fcfe7647cb8952ed1038262db5
SHA512

2dc903242eeae6e6c9200041d04ccbdf0c1e83e31ae40ffe31c9d9ac7bfaeffa77ceefed63ee15af873ce20013914a989ce324ef3de4fd89ae28f8296f43cd50
SSDEEP

6144:UOXVf4BkRrNoaWlNI1Taxs6pS8iKEl4pL36TqIn8725cZWcGh6ca16Qf:jfgAeaWl+1Wx7s8WqR2qInPc/6Qf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed820e0d4814a9d6099f2e501491a047_JaffaCakes118

Files

ed820e0d4814a9d6099f2e501491a047_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30fff9ed0dcf44b52d1511ffe17ccc90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

oleaut32

SysAllocString
SysFreeString

advapi32

RegOpenKeyExA
RegCloseKey
RegOpenKeyExW
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA

gdi32

SetTextColor
DeleteDC
DeleteObject
CreateFontIndirectA
SelectObject
SetBkMode

kernel32

WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetStdHandle
SetUnhandledExceptionFilter
FindFirstFileW
CompareStringA
VirtualAlloc
FindResourceA
Sleep
VirtualFree
HeapCreate
CreateProcessA
GetEnvironmentStrings
GetModuleHandleW
GetACP
CloseHandle
ReadFile
GetModuleHandleA
TlsFree
MapViewOfFile
RaiseException
InterlockedCompareExchange
GetCommandLineA
HeapSize
WideCharToMultiByte
LockResource
GetCurrentProcessId
SizeofResource
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
SetStdHandle
GetLastError
LeaveCriticalSection
GetCurrentThreadId
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
GetProcAddress
DuplicateHandle
FindNextFileA
CreateFileMappingA
ResetEvent
FindNextFileW
CompareStringW
GetProcessHeap
GlobalLock
SetEvent
DeleteFileA
GetFileSize
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
GetOEMCP
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetVersion
GetLocaleInfoA
SetEndOfFile
CreateEventW
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
GetStartupInfoA
HeapDestroy
CreateThread
SetFilePointer
CreateMutexA
MultiByteToWideChar
TlsGetValue
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
GetVersionExA
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
SetLastError
OutputDebugStringA
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
LocalFree
FreeLibrary
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
lstrcmpiA
GetCPInfo
FreeEnvironmentStringsW
ExitProcess
lstrcatA
GetConsoleOutputCP
LocalAlloc
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW

user32

PostQuitMessage
SetForegroundWindow
LoadBitmapA
CallWindowProcA
GetClientRect
SendMessageA
InvalidateRect
wsprintfA
IsWindowVisible
SetCursor
GetSysColor
DialogBoxParamA
MessageBoxA
EndDialog
TrackPopupMenu
LoadIconA
LoadCursorA
ScreenToClient
GetDlgItem
SetTimer
GetSubMenu
SetWindowTextA
SetWindowLongA
ReleaseCapture
SetCapture
GetWindowRect
EnableMenuItem
GetSystemMetrics
DefWindowProcA
KillTimer
BeginPaint
FillRect
CreateWindowExA
GetWindowLongA
RegisterClassA
IsIconic
TranslateMessage
EnableWindow
ShowWindow
GetParent
GetMessageA
DestroyWindow
ClientToScreen
ReleaseDC
GetDC
EndPaint
IsWindow
SetWindowPos

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 270KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30fff9ed0dcf44b52d1511ffe17ccc90

Headers

File Characteristics

Imports

version

oleaut32

advapi32

gdi32

kernel32

user32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 270KB - Virtual size: 269KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 270KB - Virtual size: 269KB

.rsrc
Size: 5KB - Virtual size: 5KB