16a77ce0d6b177139ba5c1aec79c3779_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16a77ce0d6b177139ba5c1aec79c3779_JaffaCakes118
Size

236KB
MD5

16a77ce0d6b177139ba5c1aec79c3779
SHA1

844160408103d8b092875592c588145cfa642a3a
SHA256

45f01955f34c537e9a5a876a09ea290d13cfd5a3e6f03ee5f42be898036716fe
SHA512

c4290906d5d70a910975fffbf6fd9eeda41fd918006ddfc45a955ebc4ae00daaed3ed0804c59393b9a2227233984ec97c0b471fef56e3386f837c6145e612005
SSDEEP

6144:jkZ78yOrNsZAgLpMPAciBaRzT5PmpaoqLufts2U0aZ:ja7vqsZAEpJrQRzlOYoqaBa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16a77ce0d6b177139ba5c1aec79c3779_JaffaCakes118

Files

16a77ce0d6b177139ba5c1aec79c3779_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4a0304b961ad021822d254639f685121

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
GetCurrentThread
UnmapViewOfFile
InterlockedCompareExchange
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
CreateProcessW
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
LCMapStringW
LoadLibraryExW
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
RemoveDirectoryA
GlobalLock
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
CreateFileMappingA
ResetEvent
CompareStringA
LoadLibraryW
FindNextFileW
lstrcmpA
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
SetEvent
GetStartupInfoW
GetWindowsDirectoryA
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
TlsAlloc
IsBadWritePtr
GetTickCount
QueryPerformanceCounter
FreeLibrary
GetVersionExW
lstrcmpiA
SetHandleCount
EnterCriticalSection
MapViewOfFile
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
GetConsoleMode
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
SetUnhandledExceptionFilter
LoadLibraryExA
CreateThread
SetFilePointer
GetLocalTime
MultiByteToWideChar
UnhandledExceptionFilter
GetPrivateProfileStringA
GetModuleFileNameA
GetVersionExA
HeapAlloc
IsDebuggerPresent
VirtualProtect
GetModuleFileNameW
InitializeCriticalSection
SetLastError
OutputDebugStringA
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
GetEnvironmentVariableA
GetExitCodeProcess
FormatMessageW
LocalFree
GetOEMCP
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
InterlockedExchange
GetStringTypeA
GetCPInfo
GetTempPathA
SetStdHandle
GetLocaleInfoW
FreeEnvironmentStringsW
SetErrorMode
LocalAlloc
GetLocaleInfoA
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindFirstFileW
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
TlsFree
GetModuleHandleA
ReadFile
FindFirstFileA
CloseHandle
lstrcpynA
GetACP
GetModuleHandleW
SizeofResource
GetVersion
CreateProcessA
TlsGetValue
IsValidCodePage
HeapCreate
WriteFile
VirtualFree
Sleep
FindResourceA
GetCommandLineA
HeapFree
VirtualAlloc

gdi32

SetBkMode
GetDeviceCaps
DeleteObject
DeleteDC
GetStockObject
CreateCompatibleDC
SelectObject
CreateSolidBrush
BitBlt

ole32

CoUninitialize
CoTaskMemFree

advapi32

RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteValueA
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA

oleaut32

SysAllocString
SysFreeString
VariantClear
VariantInit

user32

InvalidateRect
DrawTextA
wsprintfA
IsWindowVisible
SystemParametersInfoA
PostMessageA
GetSysColor
MessageBoxA
SetDlgItemTextA
GetFocus
GetDesktopWindow
LoadIconA
LoadCursorA
ScreenToClient
GetDlgItem
CreateWindowExA
GetSubMenu
CheckMenuItem
SetWindowTextA
EndDialog
SetCapture
GetWindowRect
GetSystemMetrics
SendMessageA
KillTimer
EnableWindow
SetFocus
EndPaint
FillRect
SetTimer
GetWindowLongA
RegisterClassA
EnableMenuItem
GetWindow
IsWindowEnabled
TranslateMessage
PeekMessageA
SetWindowLongA
ShowWindow
UpdateWindow
GetParent
GetMessageA
DestroyWindow
MoveWindow
GetClientRect
GetDC
DispatchMessageA
IsWindow
SetWindowPos
LoadBitmapA
ReleaseDC
PostQuitMessage
SetForegroundWindow
SetCursor
BeginPaint
DefWindowProcA

msvcrt

exit
_exit
_cexit
_controlfp
free

Sections

.text
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a0304b961ad021822d254639f685121

Headers

File Characteristics

Imports

kernel32

gdi32

ole32

advapi32

oleaut32

user32

msvcrt

Sections

.text Size: 200KB - Virtual size: 197KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 6KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 200KB - Virtual size: 197KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 8KB - Virtual size: 4KB