2379e5466de24b2bb7e3a138a83a976d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2379e5466de24b2bb7e3a138a83a976d_JaffaCakes118
Size

178KB
MD5

2379e5466de24b2bb7e3a138a83a976d
SHA1

9ecd50c6aaec09a8054b2891f4d1cf27ace048e9
SHA256

69012241121fad37d714c5cc2e7dc95ca64b415f6d69a5b7794fd1cf5f045dca
SHA512

0bafa89dc4ad6086ea292ffe2fca4d995e9233876cc0dde667af68f2b5613430d334c15154773c885f97f614e4a80880b6713604f673eaf1339213d282aab16b
SSDEEP

3072:C/YgOk1lwZ/uwFl/K0vx99v73sgLkryCaYI8cGrYOlVOa9OP8FpXPuuf:C/HOkTOuwF0AD0OCfIolgao8Flt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2379e5466de24b2bb7e3a138a83a976d_JaffaCakes118

Files

2379e5466de24b2bb7e3a138a83a976d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f68ecb221ab6a9d792839c416da2bfc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
LoadLibraryA
TlsSetValue
DeleteCriticalSection
lstrcmpA
GetTickCount
TlsGetValue
InitializeCriticalSection
LCMapStringW
OutputDebugStringA
GetThreadIOPendingFlag
SetPriorityClass
FreeEnvironmentStringsA
MultiByteToWideChar
GetTempPathA
HeapReAlloc
RtlUnwind
GetSystemTime
InterlockedDecrement
CreateMutexA
ExitProcess
HeapDestroy
HeapSize
UnhandledExceptionFilter
UnmapViewOfFile
GetTempFileNameA
GetCPInfo
GetDiskFreeSpaceExA
TransmitCommChar
LeaveCriticalSection
SetStdHandle
GetFullPathNameA
InterlockedIncrement
GetThreadPriority
InterlockedExchange
FileTimeToLocalFileTime
IsBadReadPtr
SetEndOfFile
GetTempPathW
GetUserDefaultLCID
IsBadWritePtr
SetHandleCount
SetLastError
GetFullPathNameW
GetEnvironmentStrings
FreeEnvironmentStringsW
GlobalUnlock
GlobalAlloc
HeapAlloc
WideCharToMultiByte
CreateSemaphoreA
FileTimeToSystemTime
EnumResourceNamesW
ReleaseSemaphore
RaiseException
GlobalFree
LoadLibraryW
CreateFileMappingA
GetModuleHandleA
CompareStringW
GetACP
HeapCreate
GetTimeZoneInformation
CreateFileW
ExitProcess
SetEvent
GetProcAddress
GetCommandLineA
GetStringTypeA
EnterCriticalSection
lstrcpyA
GetModuleFileNameA
ExitThread
GetOEMCP
GetCurrentThreadId
GetCurrentProcess
GetEnvironmentVariableA
lstrcmpW
SetUnhandledExceptionFilter
CreateThread
GetEnvironmentStringsW
GetStdHandle
WaitForSingleObject
ResetEvent
FreeLibrary
CloseHandle
FlushFileBuffers
WritePrivateProfileStringA
Sleep
CompareStringA
HeapFree
MapViewOfFile
IsDBCSLeadByte
GetPrivateProfileStringA
GetFileType
TlsFree
LCMapStringA
GetLastError
TerminateProcess
TlsAlloc
WriteFile
IsBadCodePtr
GetPriorityClass
GetStringTypeW
SetEnvironmentVariableA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA

user32

wsprintfW
MessageBoxA
GetKeyState
CharNextA
CharUpperA
wsprintfA
CharLowerA

msimg32

AlphaBlend
TransparentBlt

shlwapi

PathAddBackslashA

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f68ecb221ab6a9d792839c416da2bfc7

Headers

File Characteristics

Imports

kernel32

advapi32

user32

msimg32

shlwapi

Sections

.text Size: 145KB - Virtual size: 145KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 28KB - Virtual size: 27KB

.crt Size: 512B - Virtual size: 220KB

.text
Size: 145KB - Virtual size: 145KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 28KB - Virtual size: 27KB

.crt
Size: 512B - Virtual size: 220KB