14d7107cdf0a81c71348d9f78be1173e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

14d7107cdf0a81c71348d9f78be1173e_JaffaCakes118
Size

214KB
MD5

14d7107cdf0a81c71348d9f78be1173e
SHA1

ca5f3bb065354df58473598050f1cf13267db06b
SHA256

2183c84638b67cb55d173b77042b00cdb8777f63c2ebc4dd0b82c16e7bad1928
SHA512

f3135be39682ffd2bcc47c378700558aa192e9decb720d55861b13b90a3142ea630a0d0ce0ba7363fc54ed22b2cbbe7ab7f16a50d561b154d71aeed200d4b9a3
SSDEEP

3072:8CHNgCQKzz4acQkLkMOn20ThHYRBipdzShQ5RRd8xqWxfXnlINSpfeOiYIJSq1Rm:ryCQAIBGnzHYRwjRfdWxXlINweOk1R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14d7107cdf0a81c71348d9f78be1173e_JaffaCakes118

Files

14d7107cdf0a81c71348d9f78be1173e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1895aa797afb2577c545618c6f4af707

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegCreateKeyExW
RegQueryValueExW

kernel32

IsValidCodePage
CreateProcessA
GetVersion
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
HeapSize
GetCPInfo
GetCommandLineW
LockResource
GetCurrentProcessId
SizeofResource
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
LCMapStringA
GetConsoleCP
GlobalFree
UnmapViewOfFile
LCMapStringW
GetLastError
LeaveCriticalSection
HeapAlloc
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
GetProcAddress
WaitForMultipleObjects
FindFirstFileW
FindFirstFileA
lstrcmpA
GetProcessHeap
GetSystemInfo
GlobalLock
DeleteFileW
DeleteFileA
GetFileSize
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
GetSystemTime
EnterCriticalSection
HeapCreate
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
GetConsoleMode
GlobalAlloc
WriteConsoleA
TerminateProcess
MulDiv
SetUnhandledExceptionFilter
SetFileAttributesA
CreateThread
GetModuleHandleA
CreateMutexA
MultiByteToWideChar
TlsGetValue
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
GetVersionExA
ExitProcess
IsDebuggerPresent
GetModuleFileNameW
InitializeCriticalSection
SetLastError
InterlockedDecrement
FindClose
LoadResource
GetEnvironmentVariableA
GetExitCodeProcess
LocalFree
FreeLibrary
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
InterlockedExchange
GetStringTypeA
lstrcmpiA
WideCharToMultiByte
SetStdHandle
FreeEnvironmentStringsW
LoadLibraryExW
CreateFileA
LocalAlloc
GetLocaleInfoA
GetStartupInfoW
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetLocalTime
GetFileAttributesW
HeapDestroy
FindNextFileA
WaitForSingleObject
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
WriteFile
VirtualFree
Sleep
GetOEMCP
GetCommandLineA
VirtualAlloc
lstrlenA
HeapFree

version

VerQueryValueA
GetFileVersionInfoA

user32

ScreenToClient
GetDlgItem
SetWindowLongA
ReleaseCapture
SetCapture
GetWindowRect
GetSystemMetrics
DefWindowProcA
BeginPaint
PeekMessageA
MapWindowPoints
EndPaint
FillRect
CreateWindowExA
GetWindowLongA
RegisterClassA
IsIconic
LoadStringA
GetWindow
LoadCursorA
EnableWindow
ShowWindow
UpdateWindow
GetParent
GetMessageA
DestroyWindow
GetClientRect
GetDC
DispatchMessageA
IsWindow
ReleaseDC
PostQuitMessage
SetFocus
IsWindowVisible
GetFocus
InvalidateRect
SendMessageA
SetCursor
SetForegroundWindow
EndDialog
MessageBoxA
GetSysColor
IsWindowEnabled
SystemParametersInfoA

gdi32

CreateCompatibleDC
SetTextColor
DeleteDC
DeleteObject
CreateFontIndirectA
SetBkColor
SelectObject

oleaut32

VariantClear
SysFreeString
VariantInit
SysAllocString
SysStringLen

Sections

ykoksy
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1895aa797afb2577c545618c6f4af707

Headers

File Characteristics

Imports

advapi32

kernel32

version

user32

gdi32

oleaut32

Sections

ykoksy Size: 202KB - Virtual size: 202KB

.rdata Size: 5KB - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 5KB

ykoksy
Size: 202KB - Virtual size: 202KB

.rdata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 5KB