407406af427c467021fef138121b239f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

407406af427c467021fef138121b239f_JaffaCakes118
Size

160KB
MD5

407406af427c467021fef138121b239f
SHA1

904fe6009bb924bb307c6d8f483bd66784fa68c6
SHA256

4b3ae06e546d2358368324739feae929ce36896fcef6c5fb127e871d394fd868
SHA512

ae88f0a50cef4e17b1abfce910931d4ded831523c7086bb070471bf30874b59fec0a9c28ce62d6d4f5039e0eef665c0ee5c5782540360a847b1f5d4a9b8e2f6e
SSDEEP

3072:mQ5M+z7y60Z9Z0uUczAAF8J0Hv87y8E0QaA6Rubdk0ISjEimQgGnD6/6sOEWih:mQW+CNZ0tcz3cN5FRcjIfimQgydsOQh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
407406af427c467021fef138121b239f_JaffaCakes118

Files

407406af427c467021fef138121b239f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1fd7e047cb030d24567142d45c6b05e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
wsprintfW
wsprintfA
GetKeyState
CharUpperA
CharNextA
CharLowerA

msimg32

AlphaBlend
TransparentBlt

shlwapi

PathAddBackslashA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

kernel32

GetTimeZoneInformation
WideCharToMultiByte
SetUnhandledExceptionFilter
ExitProcess
FileTimeToSystemTime
GetThreadIOPendingFlag
LoadLibraryW
GetCommandLineA
SetHandleCount
GetModuleHandleA
WaitForSingleObject
IsBadCodePtr
FlushFileBuffers
MapViewOfFile
HeapDestroy
InterlockedExchange
FreeLibrary
GetStringTypeW
GetTempFileNameA
GetStdHandle
GetDiskFreeSpaceExA
TransmitCommChar
GetOEMCP
GetTempPathW
EnterCriticalSection
GetProcAddress
GetFullPathNameW
CreateSemaphoreA
UnmapViewOfFile
LCMapStringW
IsBadReadPtr
IsBadWritePtr
GetPrivateProfileStringA
GetTickCount
GetEnvironmentStringsW
InterlockedDecrement
LoadLibraryA
HeapReAlloc
HeapSize
SetEvent
OutputDebugStringA
GetEnvironmentStrings
lstrcpyA
GlobalAlloc
GetCurrentProcess
GlobalUnlock
TlsSetValue
ExitThread
SetPriorityClass
FreeEnvironmentStringsA
HeapAlloc
HeapFree
SetStdHandle
IsDBCSLeadByte
UnhandledExceptionFilter
CreateFileW
MultiByteToWideChar
EnumResourceNamesW
ReleaseSemaphore
CompareStringW
CompareStringA
GetACP
GetPriorityClass
HeapCreate
ExitProcess
ResetEvent
SetLastError
TlsGetValue
RaiseException
WriteFile
lstrcmpW
FreeEnvironmentStringsW
CloseHandle
GetFullPathNameA
LCMapStringA
TlsAlloc
GetStartupInfoA
GetThreadPriority
GetCurrentThreadId
TerminateProcess
SetEndOfFile
GetEnvironmentVariableA
LeaveCriticalSection
GetTempPathA
GetModuleFileNameA
GetLastError
GetFileType
GlobalFree
WritePrivateProfileStringA
TlsFree
GetSystemTime
lstrcmpA
InitializeCriticalSection
InterlockedIncrement
GetUserDefaultLCID
CreateFileMappingA
GetCPInfo
FileTimeToLocalFileTime
RtlUnwind
GetStringTypeA
DeleteCriticalSection
Sleep
CreateMutexA
CreateThread
SetEnvironmentVariableA

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fd7e047cb030d24567142d45c6b05e4

Headers

File Characteristics

Imports

user32

msimg32

shlwapi

advapi32

kernel32

Sections

.text Size: 129KB - Virtual size: 129KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 26KB - Virtual size: 25KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 129KB - Virtual size: 129KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 26KB - Virtual size: 25KB

.crt
Size: 512B - Virtual size: 72KB