1c595d910e3a6c3ff88229ef018c8376_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1c595d910e3a6c3ff88229ef018c8376_JaffaCakes118
Size

166KB
MD5

1c595d910e3a6c3ff88229ef018c8376
SHA1

20147f0c61df06d32652e9e7d3b6ab051383d40f
SHA256

57ed6111a3080d6752b21513cb4ed1ec1536c964e00855f190c16aa31ec3507f
SHA512

be1488cddbe428a118fbba0509b78811e38d219b1d43850ae0741cff3c582b5610ffc47f8f0fd3106d9e377c98ed81f425b8fa80255e12182180102906e2c3ad
SSDEEP

3072:dLVnKCZk+IFAUY/8dWFJVcVvLqCv80KsDFCXlvdHArtX8S+TJ38eHxYIx2X7:dLdk+eAV/8d4AzqCvn9FCXlVgp0NHU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c595d910e3a6c3ff88229ef018c8376_JaffaCakes118

Files

1c595d910e3a6c3ff88229ef018c8376_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3add6eb6bdc8eda81a08749cb098ae98

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
GetACP
FileTimeToSystemTime
GetEnvironmentStringsW
Sleep
IsBadWritePtr
TerminateProcess
GetThreadIOPendingFlag
GetModuleHandleA
GetFileType
TlsFree
ResetEvent
HeapDestroy
MapViewOfFile
SetStdHandle
SetPriorityClass
SetEvent
CreateSemaphoreA
WriteFile
GetPrivateProfileStringA
IsBadReadPtr
WideCharToMultiByte
FreeEnvironmentStringsW
WaitForSingleObject
GetLastError
GetOEMCP
TlsAlloc
MultiByteToWideChar
InterlockedIncrement
HeapReAlloc
RtlUnwind
SetLastError
LCMapStringA
HeapAlloc
DeleteCriticalSection
TransmitCommChar
LCMapStringW
GetProcAddress
GetTimeZoneInformation
IsDBCSLeadByte
HeapCreate
GetPriorityClass
CreateFileW
InitializeCriticalSection
EnumResourceNamesW
GetFullPathNameA
GetCurrentThreadId
IsBadCodePtr
HeapFree
LoadLibraryA
GlobalUnlock
ReleaseSemaphore
HeapSize
InterlockedExchange
GlobalAlloc
GetCPInfo
ExitThread
GetDiskFreeSpaceExA
lstrcmpA
GetEnvironmentVariableA
GetStringTypeW
GetStartupInfoA
GetStringTypeA
GetTempPathA
SetHandleCount
GetStdHandle
TlsSetValue
FlushFileBuffers
ExitProcess
CreateThread
GetModuleFileNameA
CompareStringA
GetTempFileNameA
GlobalFree
GetSystemTime
FreeLibrary
FreeEnvironmentStringsA
SetEndOfFile
WritePrivateProfileStringA
GetCommandLineA
InterlockedDecrement
lstrcmpW
LoadLibraryW
lstrcpyA
CloseHandle
OutputDebugStringA
EnterCriticalSection
LeaveCriticalSection
CompareStringW
GetCurrentProcess
GetTempPathW
FileTimeToLocalFileTime
SetUnhandledExceptionFilter
RaiseException
GetUserDefaultLCID
UnhandledExceptionFilter
ExitProcess
GetTickCount
CreateMutexA
GetEnvironmentStrings
TlsGetValue
GetFullPathNameW
CreateFileMappingA
GetThreadPriority
SetEnvironmentVariableA

shlwapi

PathAddBackslashA

user32

CharUpperA
wsprintfA
wsprintfW
MessageBoxA
GetKeyState
CharNextA
CharLowerA

msimg32

AlphaBlend
TransparentBlt

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3add6eb6bdc8eda81a08749cb098ae98

Headers

File Characteristics

Imports

kernel32

shlwapi

user32

msimg32

advapi32

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 21KB - Virtual size: 21KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 21KB - Virtual size: 21KB

.crt
Size: 512B - Virtual size: 72KB