0431aa187068d88d0b8a73f127e3de6a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0431aa187068d88d0b8a73f127e3de6a_JaffaCakes118
Size

124KB
MD5

0431aa187068d88d0b8a73f127e3de6a
SHA1

c88052d6d26248b79485d781fcb7581f1045be4f
SHA256

1a126613ca3eb1454d5d4dfd0dc22cdae59b639b7cbb4072dafaa83b2de9d520
SHA512

764321740acde7ca10f9724b160264a788be54616d5b07661fb7be2d0acf4582c31766ed75e9136c6ea76b47348a39761b0868df3a8c3f7ca4011153e6b5d0d5
SSDEEP

3072:3UktfiggTqAOKny3QRZh0PJwHlgbK0Bagee/hj:kktfN6q6nygLh0asp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0431aa187068d88d0b8a73f127e3de6a_JaffaCakes118

Files

0431aa187068d88d0b8a73f127e3de6a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d57aa6718eb4619001b22233fc19bc77

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

kernel32

SetEvent
CreateEventA
CreateThread
Sleep
lstrcpyA
ResumeThread
WaitForSingleObject
TerminateProcess
GetLastError
CreateProcessA
GetSystemInfo
GetVersionExA
GetCurrentProcessId
ReadFile
SetFilePointer
GetTickCount
HeapAlloc
GetModuleHandleA
WriteFile
HeapFree
CloseHandle
GetProcessHeap
CreateMutexA
GetCommandLineA
GetProcAddress
FreeLibrary
LoadLibraryA
OpenEventA
OutputDebugStringA
LocalAlloc
lstrcatA
GetCurrentProcess
lstrcmpiA
lstrcmpA
FormatMessageA
LocalFree
lstrcpynA
lstrlenA
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
GetModuleFileNameA
GetFullPathNameA
HeapDestroy
HeapCreate
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDriveTypeA
CreateDirectoryA
SetEndOfFile
FindFirstFileA
FindClose
VirtualFree
FlushFileBuffers
GetTimeZoneInformation
SetConsoleCtrlHandler
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
SetCurrentDirectoryA
GetCurrentDirectoryA
RtlUnwind
GetFileAttributesA
ExitProcess
GetLocalTime
GetStartupInfoA
GetVersion
GetEnvironmentVariableA
GetCPInfo
WideCharToMultiByte
GetEnvironmentStrings
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetACP
GetOEMCP
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW

user32

TranslateMessage
LoadStringA
SendMessageA
wsprintfA
RegisterClassA
LoadCursorA
LoadIconA
MessageBoxA
GetParent
SetWindowPos
ShowWindow
CreateWindowExA
DefWindowProcA
wvsprintfA
GetWindowRect
GetClientRect
SystemParametersInfoA
IsDialogMessageA
DispatchMessageA
IsWindow
EndPaint
PostQuitMessage
BeginPaint
GetMessageA
GetWindowPlacement

gdi32

GetStockObject

advapi32

RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryInfoKeyA
RegDeleteKeyA
RegEnumValueA

winmm

timeGetTime

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d57aa6718eb4619001b22233fc19bc77

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

winmm

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 32KB - Virtual size: 30KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 32KB - Virtual size: 30KB