2183bf8315ae86f704ac73f3a0f81161_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2183bf8315ae86f704ac73f3a0f81161_JaffaCakes118
Size

152KB
MD5

2183bf8315ae86f704ac73f3a0f81161
SHA1

50b26f6afec26019c7d760d5b7fe194a4184ba1f
SHA256

2d74999cd72020ca81060f7d6a63e3103509585e810752842fe8d9a0c632546d
SHA512

086fa770661b8c1afce78cfd57753202cd44bb2ccea75a196c0354f05271741cb52b76acecaab52444976474b83bcd6419e2aa5984f54a9ae212c1d41cf05806
SSDEEP

3072:274+ZxlCwZyWRWInn8YDjZC6Jrl84Z/G2Dp4uRMHqcofkLzvRJ:2cyQSn8YRCCJ8AnREJofKvf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2183bf8315ae86f704ac73f3a0f81161_JaffaCakes118

Files

2183bf8315ae86f704ac73f3a0f81161_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1b20431d6013624e800cc37db8700303

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameA
GetFullPathNameA
FatalAppExitA
WriteProfileStringW
LocalHandle
SetVolumeMountPointW
GetCurrentDirectoryA
GetWindowsDirectoryW
GetPrivateProfileSectionA
GetCPInfoExA
FlushFileBuffers
DeleteAtom
IsValidCodePage
MoveFileA
GetVersion
HeapAlloc
EnterCriticalSection
FlushFileBuffers
GetStdHandle
CreateEventA
GetACP
MapViewOfFile
TerminateProcess
HeapDestroy
WriteFile
GetLastError
UnmapViewOfFile
lstrcpyA
GetProcAddress
FreeLibrary
GetOEMCP
GetCurrentProcessId
Sleep
CreateThread
InterlockedDecrement
GetFileType
TlsSetValue
IsBadReadPtr
InterlockedIncrement
LoadLibraryA
GetModuleHandleA
GetStringTypeW
SetStdHandle
CloseHandle
GlobalFree
VirtualFree
LeaveCriticalSection
CreateFileMappingA
DeleteCriticalSection
LoadLibraryExA
GetTickCount
OpenEventA
GetVersion
SetFileAttributesA
UnhandledExceptionFilter
MultiByteToWideChar
ExitProcess
IsBadCodePtr
WideCharToMultiByte
HeapFree
TlsGetValue
HeapCreate
VirtualAlloc
OpenFileMappingA
GlobalAlloc
SetHandleCount
WaitForSingleObject
GetCurrentProcess
ExitThread
TlsAlloc
GetModuleFileNameA
GetCPInfo
PulseEvent
DeleteFileA
SetFilePointer
InitializeCriticalSection
GetStartupInfoA
LCMapStringA
IsBadWritePtr
LCMapStringW
lstrlenA
SetLastError
CreateFileA
GetCurrentThreadId
GetCommandLineA
GetStringTypeA
HeapReAlloc
RtlUnwind

user32

ShowWindow
GetDlgItemTextA
CreateWindowExA
SendDlgItemMessageA
SetWindowTextA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text1
Size: 133KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b20431d6013624e800cc37db8700303

Headers

File Characteristics

Imports

kernel32

user32

version

advapi32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 10KB

.rsrc Size: 3KB - Virtual size: 3KB

.text1 Size: 133KB - Virtual size: 155KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 10KB

.rsrc
Size: 3KB - Virtual size: 3KB

.text1
Size: 133KB - Virtual size: 155KB