643bb7c4f4d48f8389a515ced99bee4d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

643bb7c4f4d48f8389a515ced99bee4d_JaffaCakes118
Size

383KB
MD5

643bb7c4f4d48f8389a515ced99bee4d
SHA1

db883616b557e841d72b0aada83dc1298630cdfa
SHA256

df92840e2d91962339ce663797a8b0ea3b3dcf2cd7521927f49aaa3957f6d972
SHA512

db694f4ce898efeadf3357eb7b1a58b9d6e886f8ad2169c2b9233cb53fc57bb4bcaecb9123fdb244e6e200467dde779cbb2b6bb52d88a9092896a799f31ce0a4
SSDEEP

6144:yeKX/o67DN35TasGyfUn/y611mqbGqKql3FGy5qGS/cjBNVJzIg:yz/NFPGeUFmxq9VR32g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
643bb7c4f4d48f8389a515ced99bee4d_JaffaCakes118

Files

643bb7c4f4d48f8389a515ced99bee4d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8480cc15fbddcd67372544e4fa9532f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageA
LocalFree
GetProcAddress
LeaveCriticalSection
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
LocalAlloc
HeapFree
GetProcessHeap
UnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
WriteFileEx
SetWaitableTimer
GetTickCount
InitializeCriticalSection
CloseHandle
GetOverlappedResult
CancelIo
WaitForSingleObject
GetTimeFormatA
DeviceIoControl
CreateEventW
DisableThreadLibraryCalls
LoadLibraryW
lstrlenW
SetEvent
ReadFileEx
ResetEvent
HeapAlloc
QueueUserAPC
PurgeComm
DeleteCriticalSection
WaitForSingleObjectEx
CreateThread
GetCurrentThreadId
ReadFile
SetFilePointer
DeleteFileW
GetTempFileNameW
GetTempPathW
HeapDestroy
TlsFree
GetModuleHandleA
FileTimeToSystemTime
EnterCriticalSection
GetDateFormatA
LoadLibraryA
FreeLibrary
VirtualProtect
GlobalFree
GetCommandLineA
GetLastError
GetStartupInfoA
GlobalAlloc

user32

ShowWindow
GetWindowPlacement
MessageBoxA
GetDC
GetDlgItem
ScreenToClient
PtInRect
EnableWindow
LoadStringA
LoadIconA
DrawIcon
LoadStringW
DestroyWindow
IsChild
GetFocus
InvalidateRect
RegisterClassW
DestroyMenu
TrackPopupMenu
ClientToScreen
GetMenuDefaultItem
CreatePopupMenu
UnregisterClassW
EndDialog
SendMessageA
GetCursorPos
LoadBitmapA
SetFocus
DialogBoxParamA
SetWindowTextA
SetWindowPlacement
ReleaseDC

advapi32

CryptReleaseContext
RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyW
CryptAcquireContextA

gdi32

DeleteObject

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree

msvcr71

__set_app_type
__p__commode
__setusermatherr
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
memset
_CIsqrt
memmove
_CxxThrowException
memcpy
wcstombs
wcslen
mbstowcs
__dllonexit
_onexit
free
_initterm
malloc
_adjust_fdiv
_except_handler3
_controlfp
__p__fmode

Sections

.text
Size: 373KB - Virtual size: 373KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8480cc15fbddcd67372544e4fa9532f6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcr71

Sections

.text Size: 373KB - Virtual size: 373KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 291KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 373KB - Virtual size: 373KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 291KB

.rsrc
Size: 1KB - Virtual size: 1KB