Static task: static1
Behavioral task: behavioral1
  Sample: 713a30034cb5e0e02e5c31b6518c35b5_JaffaCakes118.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: 713a30034cb5e0e02e5c31b6518c35b5_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 713a30034cb5e0e02e5c31b6518c35b5_JaffaCakes118
Size: 160KB
MD5: 713a30034cb5e0e02e5c31b6518c35b5
SHA1: 31c678958e11abc832622206b11638592398ba06
SHA256: e0c7d9266704b8c025a245954c2461e3bece5f135ddc7e720262ca75093b3bff
SHA512: 8feb5952656f24c32870eb4da240f86452e036393aade341f77704c4cb129c22006f72fbdfde79fa3c1bc1acc704956745753519b97acf3a69870fba8f40c2e4
SSDEEP: 3072:mQ5M+z7y60Z9Z0uUczAAF8J0Hv87y8E0QaA6Rubdk0ISjEimQgGnD6/6sOEWih:mQW+CNZ0tcz3cN5FRcjIfimQgydsOQh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 713a30034cb5e0e02e5c31b6518c35b5_JaffaCakes118
Files
713a30034cb5e0e02e5c31b6518c35b5_JaffaCakes118.exe windows:4 windows x86 arch:x86
1fd7e047cb030d24567142d45c6b05e4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
MessageBoxA
wsprintfW
wsprintfA
GetKeyState
CharUpperA
CharNextA
CharLowerA
msimg32
AlphaBlend
TransparentBlt
shlwapi
PathAddBackslashA
advapi32
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
kernel32
GetTimeZoneInformation
WideCharToMultiByte
SetUnhandledExceptionFilter
ExitProcess
FileTimeToSystemTime
GetThreadIOPendingFlag
LoadLibraryW
GetCommandLineA
SetHandleCount
GetModuleHandleA
WaitForSingleObject
IsBadCodePtr
FlushFileBuffers
MapViewOfFile
HeapDestroy
InterlockedExchange
FreeLibrary
GetStringTypeW
GetTempFileNameA
GetStdHandle
GetDiskFreeSpaceExA
TransmitCommChar
GetOEMCP
GetTempPathW
EnterCriticalSection
GetProcAddress
GetFullPathNameW
CreateSemaphoreA
UnmapViewOfFile
LCMapStringW
IsBadReadPtr
IsBadWritePtr
GetPrivateProfileStringA
GetTickCount
GetEnvironmentStringsW
InterlockedDecrement
LoadLibraryA
HeapReAlloc
HeapSize
SetEvent
OutputDebugStringA
GetEnvironmentStrings
lstrcpyA
GlobalAlloc
GetCurrentProcess
GlobalUnlock
TlsSetValue
ExitThread
SetPriorityClass
FreeEnvironmentStringsA
HeapAlloc
HeapFree
SetStdHandle
IsDBCSLeadByte
UnhandledExceptionFilter
CreateFileW
MultiByteToWideChar
EnumResourceNamesW
ReleaseSemaphore
CompareStringW
CompareStringA
GetACP
GetPriorityClass
HeapCreate
ExitProcess
ResetEvent
SetLastError
TlsGetValue
RaiseException
WriteFile
lstrcmpW
FreeEnvironmentStringsW
CloseHandle
GetFullPathNameA
LCMapStringA
TlsAlloc
GetStartupInfoA
GetThreadPriority
GetCurrentThreadId
TerminateProcess
SetEndOfFile
GetEnvironmentVariableA
LeaveCriticalSection
GetTempPathA
GetModuleFileNameA
GetLastError
GetFileType
GlobalFree
WritePrivateProfileStringA
TlsFree
GetSystemTime
lstrcmpA
InitializeCriticalSection
InterlockedIncrement
GetUserDefaultLCID
CreateFileMappingA
GetCPInfo
FileTimeToLocalFileTime
RtlUnwind
GetStringTypeA
DeleteCriticalSection
Sleep
CreateMutexA
CreateThread
SetEnvironmentVariableA
Sections
.text Size: 129KB - Virtual size: 129KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ