223a40410e96a3459937c5b73ce1ab89_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

223a40410e96a3459937c5b73ce1ab89_JaffaCakes118
Size

164KB
MD5

223a40410e96a3459937c5b73ce1ab89
SHA1

d32d9c359d181cfbbda4f66448ab30cc1d09d947
SHA256

fb62f30ccc4481fe9290a23681e2d0cc08380225416976cf2534f34e87814f95
SHA512

77edf8dd1b9c4fbc6dd482abd5c51373bbfde874218367d5a6c0b9ba44325d66f9b0265360de9e34f78e133f2f83fc55dac8d0b9f595fef563f35690de046db5
SSDEEP

3072:T5HipxTJVfOCToi7kjGw0NL6rGBFMC0yAiACPuL66AM5z0vhi/4nAS8U7y:dmTJNI8imeGB6CzPSZA6zehJA3Uu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
223a40410e96a3459937c5b73ce1ab89_JaffaCakes118

Files

223a40410e96a3459937c5b73ce1ab89_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79da2674952ca6bf66b8d9731f3babb7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA
GetKeyState
wsprintfW
MessageBoxA
CharUpperA
CharNextA
CharLowerA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

shlwapi

PathAddBackslashA

kernel32

GetEnvironmentStrings
InterlockedExchange
GetThreadIOPendingFlag
GetCommandLineA
FileTimeToLocalFileTime
DeleteCriticalSection
LCMapStringW
GetModuleHandleA
ExitThread
CompareStringA
HeapCreate
SetEvent
MultiByteToWideChar
GetTempPathW
GetModuleFileNameA
ResetEvent
SetLastError
InterlockedIncrement
MapViewOfFile
WideCharToMultiByte
RaiseException
TlsAlloc
GetDiskFreeSpaceExA
FreeEnvironmentStringsA
GetOEMCP
FreeEnvironmentStringsW
ExitProcess
SetHandleCount
TlsSetValue
GetCPInfo
lstrcmpA
GetEnvironmentStringsW
GetFullPathNameW
TransmitCommChar
HeapAlloc
LoadLibraryA
RtlUnwind
GetCurrentThreadId
ReleaseSemaphore
GetTickCount
SetEndOfFile
SetUnhandledExceptionFilter
GetStringTypeW
WriteFile
EnterCriticalSection
FlushFileBuffers
IsBadCodePtr
GetUserDefaultLCID
UnhandledExceptionFilter
TlsFree
CreateFileW
GlobalUnlock
GetSystemTime
CreateFileMappingA
GetStdHandle
FreeLibrary
SetStdHandle
EnumResourceNamesW
CreateMutexA
WritePrivateProfileStringA
UnmapViewOfFile
GetThreadPriority
GetLastError
OutputDebugStringA
LoadLibraryW
Sleep
GetTempPathA
GetFileType
IsDBCSLeadByte
GetStartupInfoA
GetPriorityClass
SetPriorityClass
GetStringTypeA
FileTimeToSystemTime
HeapReAlloc
TerminateProcess
CreateSemaphoreA
TlsGetValue
InitializeCriticalSection
ExitProcess
CreateThread
LCMapStringA
GetFullPathNameA
IsBadReadPtr
CloseHandle
GlobalFree
CompareStringW
InterlockedDecrement
GetProcAddress
WaitForSingleObject
HeapSize
GetTempFileNameA
GlobalAlloc
GetPrivateProfileStringA
HeapDestroy
HeapFree
lstrcpyA
LeaveCriticalSection
IsBadWritePtr
lstrcmpW
GetTimeZoneInformation
GetCurrentProcess
GetACP
GetEnvironmentVariableA
SetEnvironmentVariableA

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79da2674952ca6bf66b8d9731f3babb7

Headers

File Characteristics

Imports

user32

advapi32

shlwapi

kernel32

msimg32

Sections

.text Size: 138KB - Virtual size: 138KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 21KB - Virtual size: 20KB

.crt Size: 512B - Virtual size: 68KB

.text
Size: 138KB - Virtual size: 138KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 21KB - Virtual size: 20KB

.crt
Size: 512B - Virtual size: 68KB