2a694abe2111b3bcd4a998a2feef47c1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a694abe2111b3bcd4a998a2feef47c1_JaffaCakes118
Size

188KB
MD5

2a694abe2111b3bcd4a998a2feef47c1
SHA1

9a9eda196408fe30f4c9b652e4bf8dd48d5f3278
SHA256

bc2937d55b0e249a0d5b3bb600fd91bc36589a0a621a6cec28cd7aa0fc372912
SHA512

215c3f20d649401e380590912268978e5bc55c63162c0a8f2bf3fd64647f9542f6a8c387ab19d02f0d66ea46493f0b8c1964733e9528cfa55b875224c3f6c891
SSDEEP

3072:iUGN61+8MuLImTiaZrQu9ld5y1Tf8JcVZjjbIc85cQgDct0/TFiyr0CG8xyfPOf0:TqyKkIm9Z7XQ1TkS7jkxTORLrVSnaXa9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a694abe2111b3bcd4a998a2feef47c1_JaffaCakes118

Files

2a694abe2111b3bcd4a998a2feef47c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b0128eafafa002d4e099395c2d3946b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashA

user32

wsprintfW
GetKeyState
CharUpperA
wsprintfA
CharNextA
MessageBoxA
CharLowerA

msimg32

AlphaBlend
TransparentBlt

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA

kernel32

GetThreadIOPendingFlag
IsBadReadPtr
GetSystemTime
ReleaseSemaphore
GetEnvironmentVariableA
GetStringTypeW
LCMapStringW
CreateThread
GetFileType
DeleteCriticalSection
IsBadCodePtr
TlsFree
TlsAlloc
TlsGetValue
GetDiskFreeSpaceExA
GetPrivateProfileStringA
UnhandledExceptionFilter
SetStdHandle
WideCharToMultiByte
SetEndOfFile
SetHandleCount
FileTimeToSystemTime
GetLastError
Sleep
RaiseException
TransmitCommChar
GetModuleHandleA
SetLastError
HeapReAlloc
GetCommandLineA
SetUnhandledExceptionFilter
lstrcmpW
InitializeCriticalSection
FileTimeToLocalFileTime
SetEvent
GetUserDefaultLCID
CompareStringA
GetACP
MultiByteToWideChar
TerminateProcess
GetStdHandle
GetCPInfo
CloseHandle
HeapSize
GetTempPathW
GetTickCount
GlobalFree
GetOEMCP
GetTempPathA
IsBadWritePtr
GetModuleFileNameA
GetEnvironmentStringsW
GetPriorityClass
SetPriorityClass
GetProcAddress
GlobalAlloc
FlushFileBuffers
EnumResourceNamesW
GetStartupInfoA
WritePrivateProfileStringA
GetTempFileNameA
CreateSemaphoreA
UnmapViewOfFile
GetFullPathNameW
GetFullPathNameA
CreateFileW
GetEnvironmentStrings
lstrcmpA
LCMapStringA
ExitProcess
LeaveCriticalSection
InterlockedExchange
InterlockedDecrement
GetCurrentProcess
LoadLibraryW
GetThreadPriority
GetTimeZoneInformation
HeapFree
CreateMutexA
ExitProcess
CompareStringW
GlobalUnlock
HeapAlloc
RtlUnwind
GetStringTypeA
FreeEnvironmentStringsW
CreateFileMappingA
GetCurrentThreadId
LoadLibraryA
FreeLibrary
lstrcpyA
TlsSetValue
WaitForSingleObject
OutputDebugStringA
HeapDestroy
MapViewOfFile
EnterCriticalSection
ExitThread
IsDBCSLeadByte
HeapCreate
ResetEvent
FreeEnvironmentStringsA
WriteFile
InterlockedIncrement
SetEnvironmentVariableA

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0128eafafa002d4e099395c2d3946b0

Headers

File Characteristics

Imports

shlwapi

user32

msimg32

advapi32

kernel32

Sections

.text Size: 158KB - Virtual size: 157KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 25KB - Virtual size: 24KB

.crt Size: 512B - Virtual size: 84KB

.text
Size: 158KB - Virtual size: 157KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 25KB - Virtual size: 24KB

.crt
Size: 512B - Virtual size: 84KB