20cacea545e075e2c02e6f2a6a9ea2b7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

20cacea545e075e2c02e6f2a6a9ea2b7_JaffaCakes118
Size

885KB
MD5

20cacea545e075e2c02e6f2a6a9ea2b7
SHA1

c1a88ca4bbb87586fa03098c82d98ee3e8058018
SHA256

a7e5fd2bc1d8f39b67db8a306a7b90ec5f7dc19e5d6c7fe612410d52585b49ee
SHA512

807731a1c18568d10a7ef8546b4afcab9cafafd01fd0c2db14ead86e026a13c87bdd1619b9cf1156abde46c4ffc5cc7ef62139a4917922bb2392ffede208f044
SSDEEP

24576:FLztzL9m/r51PDBQU3u/ef730aMHGplvjW:/zM/F1BQWu/C0a2KjW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20cacea545e075e2c02e6f2a6a9ea2b7_JaffaCakes118

Files

20cacea545e075e2c02e6f2a6a9ea2b7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f06a2bf3a199b119d16a42e01e4928a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegOpenKeyExW
RegCloseKey
RegSetValueExA

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree

user32

SetWindowPos
DispatchMessageA
PeekMessageA
GetCursorPos
GetClientRect
DestroyWindow
GetMessageA
GetParent
UpdateWindow
ShowWindow
EnableWindow
TranslateMessage
GetWindow
LoadStringA
EnableMenuItem
RegisterClassA
GetWindowLongA
SetTimer
FillRect
SetFocus
ClientToScreen
PostQuitMessage
KillTimer
GetSystemMetrics
GetWindowRect
SetWindowLongA
SetWindowTextA
GetDlgItem
ScreenToClient
LoadCursorA
LoadIconA
GetDesktopWindow
EndDialog
GetSysColor
GetKeyState
IsWindowVisible
GetFocus
InvalidateRect
wsprintfA
DrawTextA
CallWindowProcA
ReleaseDC
SetCursor
MoveWindow
SetForegroundWindow
BeginPaint

gdi32

SetBkColor
GetDeviceCaps
DeleteDC
GetStockObject
SetTextColor
SelectObject

kernel32

FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetLocaleInfoA
LocalAlloc
ExpandEnvironmentStringsA
FreeEnvironmentStringsW
MultiByteToWideChar
SetStdHandle
GetTempPathA
GetCPInfo
lstrcmpiA
GetStringTypeA
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
GetOEMCP
LocalFree
GetExitCodeProcess
InitializeCriticalSection
HeapDestroy
FindClose
InterlockedDecrement
FormatMessageA
OutputDebugStringA
SetLastError
GetEnvironmentVariableA
GetModuleFileNameW
IsDebuggerPresent
FlushFileBuffers
GetModuleFileNameA
LoadLibraryExA
GetPrivateProfileStringA
UnhandledExceptionFilter
TlsGetValue
GetLocalTime
CreateMutexA
SetFilePointer
CreateThread
SetUnhandledExceptionFilter
GetSystemDirectoryA
TerminateProcess
WriteConsoleA
GlobalAlloc
GetConsoleMode
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
GetConsoleOutputCP
GetStdHandle
LoadResource
GetCurrentProcessId
GetCommandLineA
GetLastError
GetCurrentThreadId
GetTickCount
GetVersion
GetCurrentThread
GetModuleHandleA
ExitProcess
HeapAlloc
GetProcessHeap
VirtualAlloc
FindResourceA
Sleep
VirtualFree
WriteFile
HeapCreate
IsValidCodePage
GetEnvironmentStrings
GetACP
CloseHandle
ReadFile
TlsFree
MapViewOfFile
RaiseException
InterlockedCompareExchange
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
SizeofResource
FileTimeToLocalFileTime
lstrlenW
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
UnmapViewOfFile
LCMapStringW
LoadLibraryExW
InterlockedIncrement
CreateFileA
TlsSetValue
GetFileType
CreateFileW
GlobalLock
WaitForMultipleObjects
FindNextFileA
CreateFileMappingA
ResetEvent
FindFirstFileA
GetSystemInfo
GetProcAddress
SetErrorMode
GetModuleHandleW
GetStartupInfoA
FreeLibrary
DeleteFileA
LoadLibraryA
GetVersionExA
VirtualProtect
TlsAlloc
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
LeaveCriticalSection
SetEndOfFile

msvcrt

_cexit
exit
_exit

Sections

.text
Size: 844KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f06a2bf3a199b119d16a42e01e4928a4

Headers

File Characteristics

Imports

advapi32

ole32

user32

gdi32

kernel32

msvcrt

Sections

.text Size: 844KB - Virtual size: 1.1MB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 22KB - Virtual size: 22KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 844KB - Virtual size: 1.1MB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 22KB - Virtual size: 22KB

.rsrc
Size: 10KB - Virtual size: 9KB