1a27c2dea1a32541a96296fa7da04210_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1a27c2dea1a32541a96296fa7da04210_JaffaCakes118
Size

173KB
MD5

1a27c2dea1a32541a96296fa7da04210
SHA1

5806a40325204dca550c3efeff5fcbe638436a92
SHA256

489f0c156e6e29fc5184f7b51f81424c3ed706ef78df84e88e93bfc7a7f706b8
SHA512

1d6762bc0bf489ac03b1c1c37039ded5b0639598ef13d3ff6062c83fde45e1c123fc05179794d99a62a7a0017c64359f0136f298ebf37106e96a2a253f48dd76
SSDEEP

3072:eqgcoJbv2ZTpShypuSiuPBL+ZYtVxOkBJsEU6s2niAet3N/3hhJk6tyzuaiSqdhe:eqNoR2x6yASioN+ZMVokBpU2itt3NNtg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a27c2dea1a32541a96296fa7da04210_JaffaCakes118

Files

1a27c2dea1a32541a96296fa7da04210_JaffaCakes118
.exe windows:4 windows x86 arch:x86

16f426a6795b49c03aeab00d9d833208

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

PostThreadMessageA
wsprintfA
LoadStringA
RegisterClassA
CreateWindowExA
GetMessageA
wvsprintfA
MsgWaitForMultipleObjects
CopyRect
DispatchMessageA
MonitorFromWindow
RegisterWindowMessageA
GetQueueStatus
PeekMessageA
DestroyWindow

shell32

SHGetSpecialFolderPathA

ole32

CLSIDFromString
GetRunningObjectTable
CoCreateInstance
CoUninitialize
StringFromCLSID
StringFromGUID2
CoTaskMemFree
CreateItemMoniker
CoInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CoInitializeEx
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemAlloc

winmm

timeGetDevCaps
timeGetTime
timeBeginPeriod
timeEndPeriod

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegSetValueA
RegCreateKeyA
RegEnumKeyExA

quartz

AMGetErrorTextW

kernel32

WaitForSingleObject
CloseHandle
GetSystemTimeAsFileTime
lstrlenA
VirtualFree
FindResourceA
GetTapeParameters
GetVersionExA
InterlockedDecrement
FreeLibrary
VirtualAlloc
InitializeCriticalSection
GetModuleFileNameW
LockResource
HeapFree
LeaveCriticalSection
DeleteCriticalSection
GetExitCodeThread
GetThreadPriority
ClearCommError
IsBadWritePtr
ReleaseMutex
MultiByteToWideChar
CreateThread
ReleaseSemaphore
CreateSemaphoreA
GetCurrentThread
EnumResourceNamesA
ResetEvent
WaitForMultipleObjects
QueryPerformanceCounter
LocalFree
LoadResource
GetSystemInfo
GlobalAlloc
InterlockedIncrement
GetModuleFileNameA
LoadLibraryA
WideCharToMultiByte
CreateMutexA
DisableThreadLibraryCalls
GetTickCount
TerminateThread
CreateFileW
GetSystemTime
GetCurrentThreadId
SetEvent
GetLastError
FatalExit
IsBadReadPtr
GetProcessHeap
GetCurrentProcessId
EnterCriticalSection
Sleep
LoadLibraryW
CreateEventA
SetThreadPriority
GetACP
ResumeThread
GetProcAddress
ExitProcess

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16f426a6795b49c03aeab00d9d833208

Headers

File Characteristics

Imports

user32

shell32

ole32

winmm

advapi32

quartz

kernel32

Sections

.text Size: 125KB - Virtual size: 125KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 43KB - Virtual size: 42KB

.lib Size: 512B - Virtual size: 88KB

.text
Size: 125KB - Virtual size: 125KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 43KB - Virtual size: 42KB

.lib
Size: 512B - Virtual size: 88KB