21b7445e1e80f1e9d74833def396eb89_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

21b7445e1e80f1e9d74833def396eb89_JaffaCakes118
Size

452KB
MD5

21b7445e1e80f1e9d74833def396eb89
SHA1

afcf4d3fa91b043fa3fb4c42622376c6819cdf25
SHA256

99e2c90f4d499d0083efd1c9ebe1b0ca471b72aefdb8643985a94b124fe4d82d
SHA512

4204888c41079b6358cba05af6c7df380cbdaaf246b70057485dbdc48200f8a5328cb8444562895ac3c57c341bd3882fd07c20083ee428da59497ceb78f0a79f
SSDEEP

12288:ksmWKvbt7ojuxOGE0RDyObqHfcjvBxkIX:kQKx3xORGySLjpxk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21b7445e1e80f1e9d74833def396eb89_JaffaCakes118

Files

21b7445e1e80f1e9d74833def396eb89_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7e9f02af8ea39956d5b7f1e68f45371d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
DeleteDC
GetStockObject
CreateCompatibleDC
BitBlt
SelectObject

kernel32

HeapCreate
WideCharToMultiByte
CreateProcessA
GetEnvironmentStrings
GetVersion
GetACP
lstrcpynA
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCommandLineA
HeapSize
GetCurrentDirectoryA
GetCommandLineW
GetCurrentProcessId
SizeofResource
VirtualFree
lstrlenW
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GlobalFree
lstrlenA
LCMapStringW
GetLastError
InterlockedIncrement
ExitProcess
CreateFileA
TlsSetValue
GetFileType
RemoveDirectoryA
GetProcAddress
FindFirstFileW
CreateFileMappingA
ResetEvent
FindFirstFileA
GetProcessHeap
GlobalLock
SetEvent
GetWindowsDirectoryA
GetModuleHandleW
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
VirtualProtect
TlsAlloc
GetTickCount
QueryPerformanceCounter
GetExitCodeProcess
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
LeaveCriticalSection
GetCurrentThreadId
GetLocaleInfoA
SetEndOfFile
GetConsoleMode
GlobalAlloc
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
MultiByteToWideChar
InterlockedDecrement
UnhandledExceptionFilter
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
SetLastError
WriteFile
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
LocalFree
FreeLibrary
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
InterlockedExchange
GetStringTypeA
GetCPInfo
SetStdHandle
FreeEnvironmentStringsW
SetErrorMode
lstrcatA
LocalAlloc
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetLocalTime
GetFileAttributesW
HeapDestroy
FindNextFileA
LockResource
WaitForSingleObject
GetFileAttributesA
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
GetEnvironmentVariableA
RtlUnwind
GetOEMCP
VirtualAlloc
IsBadReadPtr
Sleep
CreateProcessW
GetCurrentThread

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

user32

SendMessageA
InvalidateRect
GetKeyState
GetSysColor
MessageBoxA
MoveWindow
LoadIconA
ScreenToClient
GetDlgItem
SetTimer
GetWindowRect
GetSystemMetrics
MapWindowPoints
BeginPaint
PeekMessageA
SetFocus
FillRect
CreateWindowExA
EnableMenuItem
LoadStringA
GetWindow
IsWindowEnabled
TranslateMessage
SetWindowPos
EnableWindow
UpdateWindow
GetClientRect
GetDC
EndPaint
DispatchMessageA
IsWindow
LoadBitmapA
PostQuitMessage
DestroyMenu
SetForegroundWindow
SetCursor
CallWindowProcA

advapi32

RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 420KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e9f02af8ea39956d5b7f1e68f45371d

Headers

File Characteristics

Imports

gdi32

kernel32

ole32

user32

advapi32

Sections

.text Size: 24KB - Virtual size: 20KB

.data Size: 420KB - Virtual size: 418KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 20KB

.data
Size: 420KB - Virtual size: 418KB

.rsrc
Size: 4KB - Virtual size: 1KB