5a9a7a29eeaaf6ef1ec79a1ad9bbbfcb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5a9a7a29eeaaf6ef1ec79a1ad9bbbfcb_JaffaCakes118
Size

4.8MB
MD5

5a9a7a29eeaaf6ef1ec79a1ad9bbbfcb
SHA1

e221c8fc2147315b0c75c4d34d5d6d9cf11cbc07
SHA256

4bcdb4a426bb4b053fbf6fa80043ba917a4aa7fe025cd47fa21e7799c51fce04
SHA512

2286474c598b710198fa34addbb04dd50fa8c9de220655921a45dc8209c78e4ccbc4008f693d722429c4a7d0d597d0774ded4fdc56f142c9a3594da782f0087a
SSDEEP

98304:Zi77vaOFZAXejQgJ84pBBKUy7p/UnU6y:Z47yrXyn84BKR7p/b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a9a7a29eeaaf6ef1ec79a1ad9bbbfcb_JaffaCakes118

Files

5a9a7a29eeaaf6ef1ec79a1ad9bbbfcb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

660240969d8df6b57ce10a1e868385fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

CloseHandle
CompareStringA
CreateEventA
CreateFileA
DeleteCriticalSection
EnterCriticalSection
EnumCalendarInfoA
ExitProcess
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindResourceA
FormatMessageA
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetCurrentThreadId
GetDiskFreeSpaceA
GetEnvironmentStrings
GetFileSize
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeExA
GetStringTypeW
GetTempPathA
GetThreadLocale
GetVersion
GetVersionExA
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LocalAlloc
LocalFree
LockResource
MultiByteToWideChar
RaiseException
ReadFile
ResetEvent
RtlUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SizeofResource
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteFile
lstrcpynA
lstrlenA

user32

CharNextA
EnumThreadWindows
GetKeyboardType
GetSystemMetrics
LoadStringA
MessageBoxA
wsprintfA

oleaut32

SafeArrayCreate
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SysAllocStringLen
SysFreeString
SysReAllocStringLen
VarBoolFromStr
VarBstrFromBool
VarBstrFromCy
VarBstrFromDate
VarCyFromStr
VarDateFromStr
VarI4FromStr
VarNeg
VarNot
VarR8FromStr
VariantChangeTypeEx
VariantClear
VariantCopy
VariantCopyInd
VariantInit

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 159KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

660240969d8df6b57ce10a1e868385fe

Headers

File Characteristics

Imports

advapi32

kernel32

user32

oleaut32

Exports

Exports

Sections

.text Size: 159KB - Virtual size: 160KB

.data Size: 15KB - Virtual size: 32KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 4.6MB - Virtual size: 4.6MB

.reloc Size: 11KB - Virtual size: 12KB

.text
Size: 159KB - Virtual size: 160KB

.data
Size: 15KB - Virtual size: 32KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 4.6MB - Virtual size: 4.6MB

.reloc
Size: 11KB - Virtual size: 12KB