7fa534e13553df8681fdeb844e72ad18_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7fa534e13553df8681fdeb844e72ad18_JaffaCakes118
Size

197KB
MD5

7fa534e13553df8681fdeb844e72ad18
SHA1

96338f737a590b3a3aca67d14a2049824ce9c22f
SHA256

e7d68576365e81346803a753d38d7fc1f691f0349a3d8ca18060d90da0db2858
SHA512

a6a20797474a77e7d3b682a48620a37a4136ee37af7ba3a521d5f77d6389295015d2e6e4e1d5f293798df7aaf522c8d785ff94e99f9c50b277e404165afcfdcc
SSDEEP

6144:R6nEfQO8TQO8KhrrH4/VoXf3Ph+LduKMT1w:R6NX3Pkd8T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7fa534e13553df8681fdeb844e72ad18_JaffaCakes118

Files

7fa534e13553df8681fdeb844e72ad18_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c148f698f915f8a30025caa46f83ab8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
SetErrorMode
GetSystemDirectoryA
GetVersionExA
GetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcpynA
SetThreadPriority
ExitProcess
GetCurrentThreadId
CreateFileW
MultiByteToWideChar
ReadFile
SetFilePointer
GetOverlappedResult
ResetEvent
GetFullPathNameA
GetVersion
WideCharToMultiByte
LoadLibraryW
GetPrivateProfileIntA
GetPrivateProfileIntW
WritePrivateProfileStringA
WritePrivateProfileStringW
SetEnvironmentVariableA
CompareStringW
CompareStringA
WaitForMultipleObjects
WaitForSingleObject
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
InterlockedIncrement
InterlockedDecrement
UnhandledExceptionFilter
HeapSize
GetCurrentProcess
TerminateProcess
RaiseException
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
TlsGetValue
SetLastError
TlsAlloc
GetFileAttributesA
GetCommandLineA
GetStartupInfoA
ExitThread
TlsSetValue
CreateThread
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapAlloc
HeapReAlloc
HeapFree
RtlUnwind
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
Sleep
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcessId
GetTickCount
SetEvent
UnmapViewOfFile
GetTempPathA
CreateMutexA
GlobalAlloc
GlobalFree
DeleteFileA
CreateFileA
CloseHandle
GetFileSize
WriteFile
CreateFileMappingA
MapViewOfFile
CreateEventA
ReleaseMutex

user32

DispatchMessageA
wsprintfA
TranslateMessage
IsDialogMessageA
GetWindowLongA
PeekMessageA
DestroyWindow
KillTimer
SetTimer
SetWindowPos
GetWindowRect
GetClientRect
ShowWindow
GetClassWord
FindWindowExA
GetWindowTextLengthW
GetWindowTextW
GetWindowTextA
PostMessageA
GetMessagePos
PtInRect
GetWindowThreadProcessId
GetWindowDC
RemovePropA
CallWindowProcA
GetSystemMetrics
GetPropA
SetPropA
GetDC
ReleaseDC
SendMessageA
SetWindowLongA
BeginPaint
EndPaint
RedrawWindow
GetCapture
SetForegroundWindow
IsWindowVisible
DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassA
GetDesktopWindow
CreateWindowExA
GetWindow

gdi32

BitBlt
GetStockObject
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
CreateCompatibleDC

advapi32

RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyA
RegCloseKey

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize

comctl32

ord17

winmm

timeEndPeriod
timeGetTime
timeBeginPeriod

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c148f698f915f8a30025caa46f83ab8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

winmm

version

Sections

.text Size: 144KB - Virtual size: 143KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 14KB - Virtual size: 22KB

.tls Size: 512B - Virtual size: 12B

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 14KB - Virtual size: 22KB

.tls
Size: 512B - Virtual size: 12B

.rsrc
Size: 25KB - Virtual size: 25KB