Static task: static1
Behavioral task: behavioral1
Sample: 61767b30cc471c69fb7ce6b06c40179a_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 61767b30cc471c69fb7ce6b06c40179a_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 61767b30cc471c69fb7ce6b06c40179a_JaffaCakes118
Size: 190KB
MD5: 61767b30cc471c69fb7ce6b06c40179a
SHA1: 8657ad663421dce91b69a578f0ee510c4085d970
SHA256: e9b10297e63361d5e1e83d298db91a9e284d75363baa344ed66582720e63fcaf
SHA512: 2c665f5886dd35538a42be0b89ffb01d6e0911acbb8da92457780aa924934b802830c9a9d10a548022206262a75d0a4b2911ee80b7693c494deef0bac0cd442c
SSDEEP: 3072:XqWx/jH/D5xenN2zbJEMYVeMO6f+AV8lzoW9VVuNn4H3rB7SWdKQuHjnFRqq:lLb5xANyE9oMOo6l9VVuNncrBvYHjHqq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 61767b30cc471c69fb7ce6b06c40179a_JaffaCakes118
Files
61767b30cc471c69fb7ce6b06c40179a_JaffaCakes118.exe windows:4 windows x86 arch:x86
bee17e79f4f158dbea4e7ec90c73ea50
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryW
FlushFileBuffers
ReleaseSemaphore
RaiseException
GetLastError
CloseHandle
SetUnhandledExceptionFilter
IsDBCSLeadByte
ResetEvent
LCMapStringW
GetCurrentThreadId
GetEnvironmentVariableA
IsBadWritePtr
GetThreadIOPendingFlag
RtlUnwind
WriteFile
GetOEMCP
CompareStringW
CompareStringA
MapViewOfFile
HeapCreate
ExitThread
GetFullPathNameW
InterlockedDecrement
GetStartupInfoA
GetCPInfo
GetModuleFileNameA
OutputDebugStringA
Sleep
GlobalUnlock
GetEnvironmentStrings
CreateFileMappingA
HeapFree
TransmitCommChar
SetPriorityClass
CreateFileW
SetEndOfFile
TlsSetValue
GetFileType
GetStringTypeA
SetLastError
WideCharToMultiByte
lstrcmpW
InterlockedExchange
GetEnvironmentStringsW
GetCurrentProcess
SetEvent
HeapSize
TlsAlloc
EnumResourceNamesW
LCMapStringA
GetSystemTime
GetACP
GetProcAddress
SetHandleCount
GetThreadPriority
FileTimeToLocalFileTime
lstrcpyA
GlobalFree
HeapDestroy
FreeLibrary
FreeEnvironmentStringsW
HeapAlloc
GetStdHandle
GlobalAlloc
ExitProcess
GetTempPathW
TerminateProcess
WritePrivateProfileStringA
CreateMutexA
GetPrivateProfileStringA
EnterCriticalSection
GetPriorityClass
MultiByteToWideChar
GetStringTypeW
UnmapViewOfFile
ExitProcess
GetModuleHandleA
GetFullPathNameA
GetCommandLineA
GetTempFileNameA
IsBadReadPtr
lstrcmpA
FreeEnvironmentStringsA
GetTempPathA
HeapReAlloc
InterlockedIncrement
SetStdHandle
CreateThread
LeaveCriticalSection
TlsGetValue
GetTimeZoneInformation
UnhandledExceptionFilter
InitializeCriticalSection
CreateSemaphoreA
GetDiskFreeSpaceExA
IsBadCodePtr
WaitForSingleObject
GetUserDefaultLCID
LoadLibraryA
TlsFree
FileTimeToSystemTime
GetTickCount
DeleteCriticalSection
SetEnvironmentVariableA
msimg32
AlphaBlend
TransparentBlt
user32
GetKeyState
CharUpperA
MessageBoxA
CharNextA
wsprintfA
wsprintfW
CharLowerA
advapi32
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
shlwapi
PathAddBackslashA
Sections
.text Size: 166KB - Virtual size: 165KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ