31248425b4bd2a67c4c30142fca63f43_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

31248425b4bd2a67c4c30142fca63f43_JaffaCakes118
Size

84KB
MD5

31248425b4bd2a67c4c30142fca63f43
SHA1

03d60bcbbad48adaf4e9ccfaf71dc2669be8bcaa
SHA256

435e07c7dc709052ff1aa16f116cc1cc0448ddbf9b4742357e77bdd89defed76
SHA512

389c0a6062458965c44726a21252ceecb3d4a810cdd523b24dde1b99336c77561f44031e56e61aca2ed52abacc5d8c1176831cfb0874a16bbcddc428ca5bf0ba
SSDEEP

1536:QG7kPre8yiwzuzTKL0GD83lDqAcFoDk6:QGse8bw4TWV25qAcFoDk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31248425b4bd2a67c4c30142fca63f43_JaffaCakes118

Files

31248425b4bd2a67c4c30142fca63f43_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac6e403b2ef4aaff167c9c23f2460c54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetModuleFileNameA
GetExitCodeThread
WaitForSingleObject
CreateThread
TerminateProcess
ExitProcess
GetVersion
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
LoadLibraryA
GetOEMCP
CreateToolhelp32Snapshot
GetCPInfo
GetStringTypeW
GetStringTypeA
SetFilePointer
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
HeapSize
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
IsBadWritePtr
Process32First
Process32Next
GetFileAttributesA
FindFirstFileA
SetFileAttributesA
DeleteFileA
FindNextFileA
FindClose
RemoveDirectoryA
CloseHandle
InterlockedDecrement
lstrlenA
MultiByteToWideChar
GetLastError
GetACP
LocalFree
GetCommandLineA
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetProcAddress
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
WideCharToMultiByte
RaiseException

user32

SendMessageA
GetWindowThreadProcessId
GetForegroundWindow
mouse_event
FindWindowExA
SetCursorPos
EndDialog
DefWindowProcA
DestroyWindow
DialogBoxParamA
BeginPaint
GetClientRect
DrawTextA
EndPaint
PostQuitMessage
CreateWindowExA
LoadIconA
LoadCursorA
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
KillTimer
SetTimer
GetWindowRect

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA

shell32

ShellExecuteExA

ole32

CoUninitialize
OleRun
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoInitialize

oleaut32

VariantChangeType
SysAllocString
VariantInit
SysFreeString
GetErrorInfo
VariantClear

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac6e403b2ef4aaff167c9c23f2460c54

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 48KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 48KB

.rsrc
Size: 4KB - Virtual size: 2KB