Static task: static1
Behavioral task: behavioral1
Sample: 3a7e3727f0814686206e5a2a3da2daf7_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 3a7e3727f0814686206e5a2a3da2daf7_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 3a7e3727f0814686206e5a2a3da2daf7_JaffaCakes118
Size: 172KB
MD5: 3a7e3727f0814686206e5a2a3da2daf7
SHA1: 2f5456cdf00c6dc03c4998df341d5ab3be49f9d7
SHA256: 9c64eaf7aeab576e021ba974b1f42e2a774039a328f0598ddcd5054a3efe8318
SHA512: e60692d879e316eff751501c5883ce8a906a1a696ed1b3e739993dc3fff70dfd6d35914bb9571cef341b21bc0b229e01dbca97b20427e22a90f11d43886b4a7b
SSDEEP: 3072:KJzDexEXD4/W/PSYcCOmZtWe59NLhrPx1vXgViqbrjyw0FaWGRHoO:K9pXr/PSYcXmZp91H1/VurmwTl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3a7e3727f0814686206e5a2a3da2daf7_JaffaCakes118
Files
3a7e3727f0814686206e5a2a3da2daf7_JaffaCakes118.exe windows:4 windows x86 arch:x86
359f362318afb8ae1fb91ca8fc453c94
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msimg32
AlphaBlend
TransparentBlt
shlwapi
PathAddBackslashA
advapi32
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
user32
CharNextA
GetKeyState
wsprintfW
wsprintfA
MessageBoxA
CharUpperA
CharLowerA
kernel32
ReleaseSemaphore
InterlockedDecrement
TlsFree
GetStartupInfoA
WritePrivateProfileStringA
lstrcmpA
FileTimeToLocalFileTime
GetThreadIOPendingFlag
TerminateProcess
SetUnhandledExceptionFilter
SetStdHandle
InitializeCriticalSection
CreateSemaphoreA
GetTimeZoneInformation
TlsSetValue
GetEnvironmentStrings
RaiseException
GetACP
GetTempPathW
LoadLibraryA
HeapFree
UnmapViewOfFile
SetLastError
ExitThread
GetCurrentProcess
GetTempPathA
GetThreadPriority
CompareStringA
FreeEnvironmentStringsW
HeapSize
HeapAlloc
FreeLibrary
TransmitCommChar
GetFullPathNameW
ResetEvent
WaitForSingleObject
OutputDebugStringA
IsBadWritePtr
GetModuleFileNameA
GetFullPathNameA
GetDiskFreeSpaceExA
CreateMutexA
IsBadCodePtr
GetStringTypeW
FreeEnvironmentStringsA
HeapReAlloc
GetModuleHandleA
EnumResourceNamesW
WriteFile
GetEnvironmentVariableA
GetUserDefaultLCID
GetCommandLineA
GetPriorityClass
FlushFileBuffers
GetTempFileNameA
SetHandleCount
RtlUnwind
lstrcpyA
DeleteCriticalSection
InterlockedIncrement
CreateFileW
CompareStringW
ExitProcess
CreateThread
GetSystemTime
GlobalAlloc
CloseHandle
SetEvent
GlobalUnlock
GetCurrentThreadId
GetEnvironmentStringsW
GetLastError
TlsGetValue
HeapCreate
SetEndOfFile
GetStdHandle
GetTickCount
ExitProcess
FileTimeToSystemTime
WideCharToMultiByte
IsBadReadPtr
CreateFileMappingA
GetOEMCP
LCMapStringW
GetFileType
UnhandledExceptionFilter
Sleep
GetProcAddress
GetStringTypeA
LeaveCriticalSection
GetCPInfo
InterlockedExchange
HeapDestroy
IsDBCSLeadByte
EnterCriticalSection
lstrcmpW
GetPrivateProfileStringA
MapViewOfFile
SetPriorityClass
LCMapStringA
MultiByteToWideChar
TlsAlloc
LoadLibraryW
GlobalFree
SetEnvironmentVariableA
Sections
.text Size: 142KB - Virtual size: 141KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ