2aeddafa92b6b6d22ccc4a7e43622f21_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2aeddafa92b6b6d22ccc4a7e43622f21_JaffaCakes118
Size

164KB
MD5

2aeddafa92b6b6d22ccc4a7e43622f21
SHA1

95bf96b1cf4b8b4e4f23c7855d1b575e80f7be8f
SHA256

d5cc3290de34c21e6dd4c8319505d6021af6232f730ffa2ed423fce355a3019a
SHA512

8b0f23fa790c5a0842ec5cabbed23bcfb7f05e5ffea891749c28f368491690d26102d1f9cb24bf69bd91e2d0c441d181a15164380152c6d5a030b04e49ccffa4
SSDEEP

3072:mvZgiywgptbLi17nYerYen5f1Kb+Ur9iVKcI1v2SNvGMXHJZ276Whfl7OYPU:qZhK7yn/rDnWbNjpVNJsDhfkY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2aeddafa92b6b6d22ccc4a7e43622f21_JaffaCakes118

Files

2aeddafa92b6b6d22ccc4a7e43622f21_JaffaCakes118
.exe windows:4 windows x86 arch:x86

903ee506b61fd241c743cb8a2a6a8596

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharUpperA
GetKeyState
CharNextA
MessageBoxA
wsprintfW
wsprintfA
CharLowerA

msimg32

AlphaBlend
TransparentBlt

shlwapi

PathAddBackslashA

kernel32

DeleteCriticalSection
GetTempPathW
UnmapViewOfFile
MultiByteToWideChar
GetEnvironmentVariableA
GetStringTypeW
RtlUnwind
GetPriorityClass
GetCPInfo
CreateFileW
LeaveCriticalSection
SetUnhandledExceptionFilter
CreateMutexA
CreateFileMappingA
SetLastError
GlobalFree
GetThreadIOPendingFlag
TlsAlloc
WideCharToMultiByte
GetStdHandle
RaiseException
FileTimeToLocalFileTime
GetCurrentThreadId
TransmitCommChar
ExitThread
GetTempPathA
GetFileType
InterlockedIncrement
FlushFileBuffers
WritePrivateProfileStringA
ReleaseSemaphore
GetCurrentProcess
SetEvent
LoadLibraryW
TerminateProcess
lstrcmpA
WaitForSingleObject
MapViewOfFile
GetCommandLineA
CompareStringA
GetStringTypeA
GlobalUnlock
WriteFile
HeapAlloc
TlsSetValue
GetSystemTime
FreeEnvironmentStringsA
EnterCriticalSection
GetFullPathNameW
CompareStringW
LCMapStringW
HeapCreate
Sleep
GetTempFileNameA
CloseHandle
EnumResourceNamesW
GetDiskFreeSpaceExA
SetStdHandle
FreeEnvironmentStringsW
TlsFree
CreateThread
GetOEMCP
lstrcmpW
GetLastError
GetModuleHandleA
GetACP
HeapDestroy
IsDBCSLeadByte
UnhandledExceptionFilter
ExitProcess
GetThreadPriority
HeapFree
GetModuleFileNameA
lstrcpyA
InterlockedExchange
GetTickCount
ExitProcess
FreeLibrary
IsBadCodePtr
GetTimeZoneInformation
IsBadWritePtr
SetPriorityClass
GetPrivateProfileStringA
GetStartupInfoA
TlsGetValue
HeapReAlloc
InterlockedDecrement
ResetEvent
GlobalAlloc
FileTimeToSystemTime
OutputDebugStringA
GetProcAddress
SetHandleCount
IsBadReadPtr
GetEnvironmentStringsW
CreateSemaphoreA
SetEndOfFile
HeapSize
InitializeCriticalSection
GetEnvironmentStrings
GetFullPathNameA
LCMapStringA
GetUserDefaultLCID
LoadLibraryA
SetEnvironmentVariableA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

903ee506b61fd241c743cb8a2a6a8596

Headers

File Characteristics

Imports

user32

msimg32

shlwapi

kernel32

advapi32

Sections

.text Size: 139KB - Virtual size: 139KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 19KB - Virtual size: 19KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 139KB - Virtual size: 139KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 19KB - Virtual size: 19KB

.crt
Size: 512B - Virtual size: 72KB