a582026d40e5f83ee1c351e1e8b19ba2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a582026d40e5f83ee1c351e1e8b19ba2_JaffaCakes118
Size

820KB
MD5

a582026d40e5f83ee1c351e1e8b19ba2
SHA1

4419d0af5919fabc5286e7204bdd4ac9657c97dd
SHA256

04134c9275d693f3a637b2db3acbf97646784c81a64e97f5f16f8f7cb79df684
SHA512

baf9436af1ae1918da23021461ebfc34109f7b5ea36cec357c0e6b5a6b1bfbbc88a127ac78a086aff0f3e350ddd1f02932c7d1a7ee4903686c99f6e3241cb69f
SSDEEP

12288:pn2qYTOAA/J2sMkemQWmjT6UwSq6Y4GXQGjxXdiMXMifaUXInFWX3O:pn2qNXNCWIwSOXXj7iv6+FWO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a582026d40e5f83ee1c351e1e8b19ba2_JaffaCakes118

Files

a582026d40e5f83ee1c351e1e8b19ba2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

96abe90f3a1f59b2d2f9a2da6f4ef883

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
LoadLibraryA
Sleep
SetEvent
WaitForSingleObject
GetWindowsDirectoryA
GetModuleHandleA
lstrcatA
InterlockedExchange
GetModuleFileNameA
GetSystemDirectoryA
GetLastError
SetLastError
FindClose
SizeofResource
LoadResource
LockResource
lstrlenA
InterlockedIncrement
GetCurrentProcess
FlushInstructionCache
CompareStringA
CloseHandle
EnterCriticalSection
HeapReAlloc
HeapAlloc
ExitProcess
TerminateProcess
FlushFileBuffers
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidLocale
LCMapStringA
IsBadCodePtr
SetUnhandledExceptionFilter
GetCommandLineA
GetCommandLineW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetEndOfFile
GetStartupInfoA
GetStdHandle
SetHandleCount
SetStdHandle
HeapSize
HeapCreate
GetVersionExA
GetEnvironmentVariableA
IsBadWritePtr
VirtualAlloc
VirtualFree
GetCurrentThread
TlsGetValue
TlsFree
TlsAlloc
GetTickCount
RtlUnwind
GetVersion
InterlockedDecrement
RaiseException
ExitThread
CreateFileA
LocalFree
LocalAlloc
LeaveCriticalSection
DeleteCriticalSection
SetEnvironmentVariableA
GetOEMCP
GetACP
SetConsoleCtrlHandler
HeapDestroy
InitializeCriticalSection
GetCurrentThreadId
FatalAppExitA
CreateThread
TlsSetValue
GetFileType
GetTimeZoneInformation
HeapFree
IsBadReadPtr
ReadFile
SetFilePointer
WriteFile
GetSystemTime
GetLocalTime
DeleteFileA
ResumeThread

user32

GetClientRect
PostQuitMessage
ShowWindow
TranslateMessage
ReleaseDC
DestroyWindow
GetActiveWindow
GetDC
SetCursor
GetCursor
DestroyCursor
SetFocus
SetWindowPos
PeekMessageA
SetWindowTextA
SendMessageA
PostMessageA
DefWindowProcA
MessageBoxA
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
GetMessageA
DispatchMessageA
UnregisterClassA
GetParent
GetWindow
MapWindowPoints
EndPaint
BeginPaint
SetWindowRgn
InvalidateRect
IsWindow
ReleaseCapture
SetCapture
GetWindowRect

gdi32

CreateRectRgn
CreateDIBSection
GetDeviceCaps
DeleteObject
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
GetClipBox
GetDIBits
CreateCompatibleBitmap
StretchBlt

winmm

mciSendCommandA
mmioInstallIOProcA

advapi32

RegCloseKey

ole32

CoUninitialize
CoInitialize
CreateStreamOnHGlobal

comctl32

InitCommonControlsEx
_TrackMouseEvent

Sections

.text
Size: 392KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96abe90f3a1f59b2d2f9a2da6f4ef883

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

advapi32

ole32

comctl32

Sections

.text Size: 392KB - Virtual size: 390KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 40KB - Virtual size: 47KB

.rsrc Size: 308KB - Virtual size: 307KB

.text
Size: 392KB - Virtual size: 390KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 40KB - Virtual size: 47KB

.rsrc
Size: 308KB - Virtual size: 307KB