64983dcd25fcdb7a328e7207f9eb6a23_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

64983dcd25fcdb7a328e7207f9eb6a23_JaffaCakes118
Size

163KB
MD5

64983dcd25fcdb7a328e7207f9eb6a23
SHA1

aba2c7aee0e5ecbf0b07d57b64123c9e48484421
SHA256

54ebc18cdcb2ab1ca8b6aa18f457c50c03ce104e324806ba5ad098956cce35de
SHA512

146b6171f12edfc459a147404c805bc71e6992229f5d5afc619de38324ef7fdb2645fb9a2a91a24b9b2a30a8938e077e76e8a401c4363b3331358352282a6bd5
SSDEEP

3072:u2qJi56iR3q+2wE0OL19ToTxBUeqYyJg1xzaM6yvdxzWId8o:bqJg3q+230CABUeqYhH19V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64983dcd25fcdb7a328e7207f9eb6a23_JaffaCakes118

Files

64983dcd25fcdb7a328e7207f9eb6a23_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ab1fb8cc5ac24f196cfc44d82f91d4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GetACP
GetThreadIOPendingFlag
FlushFileBuffers
GetPriorityClass
FreeEnvironmentStringsW
WriteFile
TlsGetValue
ReleaseSemaphore
WaitForSingleObject
HeapAlloc
LoadLibraryA
GetStartupInfoA
GetTempPathW
CreateFileW
IsBadCodePtr
TlsFree
GetOEMCP
SetEndOfFile
IsBadWritePtr
GetCPInfo
MultiByteToWideChar
FileTimeToSystemTime
TransmitCommChar
GetDiskFreeSpaceExA
GetPrivateProfileStringA
Sleep
GetTempFileNameA
FreeEnvironmentStringsA
OutputDebugStringA
HeapReAlloc
GlobalAlloc
GetSystemTime
HeapCreate
GetFileType
GlobalFree
HeapFree
LCMapStringW
HeapSize
InterlockedExchange
GetTimeZoneInformation
CreateMutexA
GetEnvironmentStringsW
SetPriorityClass
GetEnvironmentVariableA
lstrcmpA
LeaveCriticalSection
EnumResourceNamesW
TlsSetValue
GetStringTypeA
LoadLibraryW
RaiseException
UnmapViewOfFile
lstrcpyA
DeleteCriticalSection
GetCurrentProcess
MapViewOfFile
IsDBCSLeadByte
GetThreadPriority
ExitThread
SetLastError
GetModuleFileNameA
GetLastError
RtlUnwind
InterlockedIncrement
GetModuleHandleA
WritePrivateProfileStringA
GetTempPathA
TerminateProcess
InitializeCriticalSection
GetCommandLineA
ExitProcess
TlsAlloc
GetStringTypeW
GetTickCount
SetUnhandledExceptionFilter
InterlockedDecrement
CloseHandle
CompareStringA
GetFullPathNameW
GlobalUnlock
CreateThread
LCMapStringA
GetEnvironmentStrings
SetEvent
UnhandledExceptionFilter
FreeLibrary
GetFullPathNameA
ResetEvent
EnterCriticalSection
HeapDestroy
GetCurrentThreadId
ExitProcess
GetUserDefaultLCID
GetStdHandle
CreateSemaphoreA
SetStdHandle
CompareStringW
FileTimeToLocalFileTime
SetHandleCount
GetProcAddress
CreateFileMappingA
lstrcmpW
IsBadReadPtr
SetEnvironmentVariableA

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

msimg32

AlphaBlend
TransparentBlt

user32

GetKeyState
CharUpperA
CharNextA
wsprintfW
MessageBoxA
wsprintfA
CharLowerA

shlwapi

PathAddBackslashA

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ab1fb8cc5ac24f196cfc44d82f91d4e

Headers

File Characteristics

Imports

kernel32

advapi32

msimg32

user32

shlwapi

Sections

.text Size: 136KB - Virtual size: 136KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 21KB - Virtual size: 21KB

.crt Size: 512B - Virtual size: 68KB

.text
Size: 136KB - Virtual size: 136KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 21KB - Virtual size: 21KB

.crt
Size: 512B - Virtual size: 68KB