189ead7f7a72119dccd31d3e0dd519ad_JaffaCakes118

General

Target

189ead7f7a72119dccd31d3e0dd519ad_JaffaCakes118
Size

249KB
MD5

189ead7f7a72119dccd31d3e0dd519ad
SHA1

86f4f81a6c51b2ddb9178b59c65cb3a24cb1ac14
SHA256

64b147c5ce473c4049acb4ad42eaf993a43e88d5adf91249330e90c3ef2f6a38
SHA512

50ed4fde6ff667198550a5de40fdf6f7bb8dd1bf3641240cd4904423e22c2a24851f56cadf23713a6efa8ebb6e0422e2c89c598bb77d06bbde72be3989a31c96
SSDEEP

3072:C2FOF18h8dcBJ8Cd4e69tBm9O3aY7jhHPzwUieQ5Jylfvme+j34IF7ta5203AW9:C2FOaJ8leczm9Oqc1Ps7Z5Uwe434IFfU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
189ead7f7a72119dccd31d3e0dd519ad_JaffaCakes118

Files

189ead7f7a72119dccd31d3e0dd519ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b66c6601d2142911f7b1c90a8c9c795

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
CloseHandle
TerminateThread
SetEvent
GetProcAddress
LoadLibraryA
ResumeThread
CreateThread
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
ResetEvent
lstrcpyA
GetPrivateProfileSectionNamesA
lstrcatA
GetWindowsDirectoryA
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
lstrcmpA
GetPrivateProfileStringA
GetVersionExA
CreateDirectoryA
GetFileAttributesA
GetDriveTypeA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetLogicalDriveStringsA
FindClose
FindNextFileA
FindFirstFileA
RemoveDirectoryA
WriteFile
SetLastError
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
OpenProcess
WaitForSingleObject
Sleep
lstrlenA
SetFilePointer
CreateFileA
GetLocalTime
GetTickCount
GlobalMemoryStatusEx
CreateMutexA
ExitProcess
WinExec
HeapFree
HeapAlloc
GetProcessHeap
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
CreatePipe
DisconnectNamedPipe
PeekNamedPipe
CreateToolhelp32Snapshot
GetLastError
lstrcmpiA
RtlUnwind
RaiseException
MoveFileA
TerminateProcess
GetCurrentProcess
HeapReAlloc
GetCurrentThreadId
TlsSetValue
TlsGetValue
ExitThread
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
TlsAlloc
SetUnhandledExceptionFilter
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
IsBadReadPtr
IsBadCodePtr
InterlockedDecrement
InterlockedIncrement
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
SetStdHandle
FlushFileBuffers
LocalAlloc
InterlockedExchange

msvcrt

??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
_strupr

Sections

.data
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b66c6601d2142911f7b1c90a8c9c795

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.data Size: 228KB - Virtual size: 227KB

.rsrc Size: 20KB - Virtual size: 20KB

.data
Size: 228KB - Virtual size: 227KB

.rsrc
Size: 20KB - Virtual size: 20KB