4560035993c2de579b92675e09188648_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4560035993c2de579b92675e09188648_JaffaCakes118
Size

160KB
MD5

4560035993c2de579b92675e09188648
SHA1

014d9bcffe9f3e822b77b5f583251a75f70c901a
SHA256

095735e426d131d132128ed5b6936880f05c810ae20deddb893007a910b7052d
SHA512

6fde81bab2447a1d33802f4a0994d616bba753cde512bee77c4793ef4157edb0e9a510fcb28a1b3554cc9172787f3a8f6d0c213717055139519a018b6c91722c
SSDEEP

3072:7w7zIxZwxVsY+itVehjJnl6ESM98/+oKOyRLfrmaCjeyJl5OhNPV:7wXIxZysmi5l6vGoKOyRLfrmvsz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4560035993c2de579b92675e09188648_JaffaCakes118

Files

4560035993c2de579b92675e09188648_JaffaCakes118
.exe windows:4 windows x86 arch:x86

998ab498f661a86f16d7ba24c82eb702

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA

kernel32

lstrcmpA
TlsGetValue
TlsAlloc
SetUnhandledExceptionFilter
TerminateProcess
CreateSemaphoreA
GetFullPathNameA
GlobalUnlock
GetOEMCP
GetTempPathA
GetTimeZoneInformation
IsBadReadPtr
GetEnvironmentStrings
GetFullPathNameW
WideCharToMultiByte
GetProcAddress
GetThreadIOPendingFlag
HeapFree
GetTickCount
InterlockedExchange
GetModuleHandleA
MultiByteToWideChar
FreeEnvironmentStringsA
GetEnvironmentStringsW
TlsFree
GetCurrentProcess
ExitProcess
CompareStringW
GetCommandLineA
GetDiskFreeSpaceExA
GetStringTypeA
InitializeCriticalSection
GetModuleFileNameA
GetSystemTime
LCMapStringA
LoadLibraryA
OutputDebugStringA
TransmitCommChar
GetCurrentThreadId
GlobalAlloc
GetTempFileNameA
RtlUnwind
GetStringTypeW
WriteFile
IsDBCSLeadByte
GetPriorityClass
InterlockedIncrement
SetEndOfFile
IsBadCodePtr
ExitThread
CompareStringA
FreeLibrary
LeaveCriticalSection
CreateFileW
EnterCriticalSection
HeapAlloc
GetTempPathW
SetEvent
SetPriorityClass
EnumResourceNamesW
CreateThread
HeapCreate
WaitForSingleObject
RaiseException
SetLastError
HeapReAlloc
GetThreadPriority
FlushFileBuffers
Sleep
DeleteCriticalSection
SetStdHandle
ReleaseSemaphore
GetUserDefaultLCID
FreeEnvironmentStringsW
FileTimeToSystemTime
InterlockedDecrement
ExitProcess
FileTimeToLocalFileTime
GetLastError
GetFileType
lstrcmpW
GlobalFree
LCMapStringW
GetStdHandle
TlsSetValue
MapViewOfFile
CreateMutexA
GetACP
IsBadWritePtr
ResetEvent
GetStartupInfoA
GetEnvironmentVariableA
SetHandleCount
CreateFileMappingA
UnmapViewOfFile
lstrcpyA
GetPrivateProfileStringA
CloseHandle
GetCPInfo
LoadLibraryW
HeapDestroy
UnhandledExceptionFilter
WritePrivateProfileStringA
HeapSize
SetEnvironmentVariableA

user32

wsprintfA
wsprintfW
CharUpperA
CharNextA
GetKeyState
MessageBoxA
CharLowerA

shlwapi

PathAddBackslashA

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

998ab498f661a86f16d7ba24c82eb702

Headers

File Characteristics

Imports

msimg32

advapi32

kernel32

user32

shlwapi

Sections

.text Size: 128KB - Virtual size: 128KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 27KB - Virtual size: 26KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 128KB - Virtual size: 128KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 27KB - Virtual size: 26KB

.crt
Size: 512B - Virtual size: 72KB