8e5549e6724e897f17aa55e9791037fb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8e5549e6724e897f17aa55e9791037fb_JaffaCakes118
Size

460KB
MD5

8e5549e6724e897f17aa55e9791037fb
SHA1

7b917ab822b6ae635699de30972ed04b75f0aeac
SHA256

c3cc5889213c78c8bcb30d6c9110994a25404ff04df869a0467ac9f5d246d680
SHA512

574735be5282924fb7f4e96bd061ea9a33023dc737ff649875a498ad145681426e1837b5b76961d607210e6e833bc87c0233b692a2350ac2f3e83ebf370c92cb
SSDEEP

12288:7ulkTN0odqnuGqnu5qnuVqnu7qnuEqnuL4uOZqnucqnuX:7uUNfd+uG+u5+uV+u7+uE+uL4uOZ+uch

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e5549e6724e897f17aa55e9791037fb_JaffaCakes118

Files

8e5549e6724e897f17aa55e9791037fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

39ec60dfad123afaedcff1700683c46f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

GetVolumeInformationA
GetVersionExA
GetCurrentProcess
CreateDirectoryA
LocalFree
LocalAlloc
GetCurrentThread
SizeofResource
LockResource
LoadResource
FindResourceA
SetCurrentDirectoryA
GetCurrentProcessId
CreateMutexA
ReleaseMutex
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
HeapSize
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileType
SetHandleCount
GetOEMCP
lstrcpynA
GetTempPathA
GetTempFileNameA
EnumResourceNamesA
GetModuleHandleA
ReadFile
SetFilePointer
GetVersion
lstrlenW
Sleep
WideCharToMultiByte
SetLastError
GetCurrentDirectoryA
lstrcatA
lstrcpyA
CopyFileA
SetFileAttributesA
CreateThread
WaitForSingleObject
TerminateThread
DeleteFileA
lstrcmpA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrlenA
MultiByteToWideChar
GetSystemDirectoryA
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileStringA
LoadLibraryA
GetProcAddress
FreeLibrary
GetTickCount
CreateFileA
WriteFile
GetLastError
CloseHandle
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
SetEnvironmentVariableA
GetStdHandle
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThreadId
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStringTypeW
GetStringTypeA
CompareStringW
CompareStringA
GetCPInfo
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
InterlockedIncrement
InterlockedDecrement
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
LCMapStringA
LCMapStringW

user32

SendMessageA
LoadBitmapA
wsprintfA
GetDesktopWindow
BeginPaint
GetDlgItem
ShowWindow
LoadIconA
DialogBoxParamA
MessageBoxA
SetWindowTextA
GetDlgItemTextA
EndDialog
SetFocus
SetDlgItemTextA
EndPaint

gdi32

SelectObject
GetObjectA
BitBlt
DeleteObject
DeleteDC
CreateCompatibleDC

advapi32

RegOpenKeyExA
CreateServiceA
StartServiceA
DeleteService
OpenSCManagerA
CloseServiceHandle
OpenThreadToken
DuplicateToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
FreeSid
OpenProcessToken
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegCloseKey
LookupAccountNameA
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext

shell32

ShellExecuteA

ole32

CoTaskMemFree

oleaut32

SysAllocStringLen
SysAllocString
SysFreeString

wsock32

WSAGetLastError
ioctlsocket
inet_addr
gethostbyname
WSAStartup
gethostname

Sections

.text
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39ec60dfad123afaedcff1700683c46f

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

wsock32

Sections

.text Size: 184KB - Virtual size: 182KB

.rdata Size: 64KB - Virtual size: 62KB

.data Size: 84KB - Virtual size: 90KB

.rsrc Size: 124KB - Virtual size: 122KB

.text
Size: 184KB - Virtual size: 182KB

.rdata
Size: 64KB - Virtual size: 62KB

.data
Size: 84KB - Virtual size: 90KB

.rsrc
Size: 124KB - Virtual size: 122KB