102b8ef8793c02d0e21100fdc00bd49b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

102b8ef8793c02d0e21100fdc00bd49b_JaffaCakes118
Size

142KB
MD5

102b8ef8793c02d0e21100fdc00bd49b
SHA1

c5f677402ac5cf2cf15f6b4a26a74a87df0bed74
SHA256

b1894a7e444cff4182d9381c1a0596ebae66aa0738675e6ddaa30f538d702376
SHA512

26119dc4da88e9a640bd02286647ef29705f798e9d5fa9ed212a80fb08cf6121fe25156056a3e4bfd188ec0dfa888413dc1b7fd6e1cbeccfb6ce3513b8a6c15a
SSDEEP

3072:Kg0edMPJxImsk53UQQkiBiaubCvfwmNrJI+epb79sTlM:KMdMoU3UQQZBybSf3hZ0JKl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
102b8ef8793c02d0e21100fdc00bd49b_JaffaCakes118

Files

102b8ef8793c02d0e21100fdc00bd49b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

150d6098623690d31132d53318e66091

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
OpenProcessToken

shell32

RealShellExecuteW
DoEnvironmentSubstW
CheckEscapesW
RegenerateUserEnvironment

kernel32

lstrlenW
lstrcpyW
lstrcmpiW
VirtualProtect
VirtualFree
CloseHandle
CreateThread
DeleteFileA
ExitProcess
ExitThread
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetFileSize
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetTickCount
GetWindowsDirectoryW
LoadLibraryA
LocalAlloc
LocalFree
LocalLock
LocalUnlock
SetCurrentDirectoryW
SetPriorityClass
VirtualAlloc

msvcrt

exit
_initterm
_exit
_controlfp
_cexit
_c_exit
_adjust_fdiv
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__initenv
__getmainargs
_XcptFilter
_except_handler3

user32

wsprintfW
UpdateWindow
TranslateMessage
TileChildWindows
SwitchToThisWindow
ShowWindow
ShowCursor
SetWindowPos
SetForegroundWindow
SetFocus
SetDlgItemTextW
SetCursor
SendMessageW
SendDlgItemMessageW
RegisterHotKey
ArrangeIconicWindows
CascadeChildWindows
CharNextW
CreateDialogParamW
DestroyWindow
DispatchMessageW
EnableWindow
EndTask
GetCursorPos
GetDesktopWindow
GetDlgItem
GetDlgItemTextW
GetKeyState
GetLastActivePopup
GetMessageW
GetSystemMetrics
GetWindow
GetWindowLongW
GetWindowRect
GetWindowThreadProcessId
InternalGetWindowText
IsDialogMessageW
IsWindow
IsWindowVisible
LoadCursorW
LoadStringW
MessageBeep
MessageBoxW
PostMessageW
PostQuitMessage

Exports

Exports

AboutDialogShow
SteamAPI_UnregisterCallback
SteamClient

Sections

.text
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

150d6098623690d31132d53318e66091

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

kernel32

msvcrt

user32

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 32KB

.rdata Size: 88KB - Virtual size: 88KB

.data Size: 19KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 8KB

.text
Size: 29KB - Virtual size: 32KB

.rdata
Size: 88KB - Virtual size: 88KB

.data
Size: 19KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 8KB