76ebf0257f9b2dcd03a75437691c2102_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

76ebf0257f9b2dcd03a75437691c2102_JaffaCakes118
Size

488KB
MD5

76ebf0257f9b2dcd03a75437691c2102
SHA1

5e8cdab35391cdb701b9542adf807ad2fca75de6
SHA256

c8faadd6fb73542e02cd41ae56c152ec2a96ce0ce6e5be850f5a253f5f2c3e09
SHA512

c74f5cc17e664098b4df793ec51398783f09398a82f3c61d3223cb42c0402a5a87f3504aa4bacbe94cda4437400f1254ebfe5a48e3e1dd7286178b9ac2e6558c
SSDEEP

12288:S7yDQM0kSKYLPpXeduvNSsEeXi9f0SJze+5377RSm8OVXQ:S7yn0MApXeovNli9MSJz/5377RieXQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76ebf0257f9b2dcd03a75437691c2102_JaffaCakes118

Files

76ebf0257f9b2dcd03a75437691c2102_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e876cd7ff8028058f0da572e8dbbb119

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSysColor
CheckMenuItem
ReleaseCapture
GetDlgItem
GetParent
GetFocus
DialogBoxParamA
EndDialog
SetForegroundWindow
DispatchMessageA
SetFocus
GetDC
GetMessageA
BeginPaint
IsWindow
SendMessageA
PeekMessageA
LoadCursorA
MessageBoxA
GetSystemMetrics
ReleaseDC
MoveWindow
KillTimer
UnregisterClassA
InvalidateRect
TranslateMessage
SystemParametersInfoA
EnableWindow
UpdateWindow
DefWindowProcA
GetClientRect
IsIconic
PostMessageA
ScreenToClient
ShowWindow
GetWindowLongA
SetWindowPos
SetCursor
GetWindowRect
SetWindowLongA

kernel32

lstrcmpiA
TlsFree
GetCurrentThreadId
GetModuleFileNameA
VirtualQuery
GetModuleHandleA
CreateFileA
HeapCreate
HeapSize
GetEnvironmentVariableA
GetTimeZoneInformation
GetCurrentProcessId
FormatMessageA
GetFileSize
GetVersion
GetThreadLocale
IsValidCodePage
ExitProcess
LoadLibraryW
SetEnvironmentVariableA
CreateThread
TlsAlloc
GetCurrentDirectoryA
GetFileType
CreateFileMappingA
ResetEvent
SetUnhandledExceptionFilter
WriteFile
GetLocalTime
ReleaseMutex
DeleteCriticalSection
SetLastError
UnmapViewOfFile
FindNextFileW
FindNextFileA
LeaveCriticalSection
InterlockedExchange
InterlockedIncrement
QueryPerformanceCounter
Sleep
ReadFile
OutputDebugStringA
SetStdHandle
CreateProcessW
FindClose
InterlockedCompareExchange
InterlockedDecrement
GetVersionExW
GetVersionExA
GetStringTypeW
CloseHandle
IsDebuggerPresent
GetCommandLineW
GetCommandLineA
GetCPInfo
WriteConsoleW
TlsGetValue
FlushFileBuffers
DeleteFileA
GetStartupInfoA
FreeEnvironmentStringsW
GetExitCodeProcess
GetConsoleMode
UnhandledExceptionFilter
RaiseException
WriteConsoleA
VirtualAlloc
LockResource
LoadResource
GetSystemInfo
GetSystemTime
GetEnvironmentStringsW
CreateProcessA
HeapDestroy
FindFirstFileW
TlsSetValue
GetSystemTimeAsFileTime
GetStringTypeA
HeapReAlloc
HeapAlloc
CreateFileW
CreateMutexA
TerminateProcess
GlobalUnlock
GlobalFree
CompareStringW
MultiByteToWideChar
LCMapStringA
CompareStringA
WideCharToMultiByte
lstrlenW
lstrlenA
HeapFree
GlobalLock
GetStdHandle
GetDriveTypeA
VirtualFree
FindFirstFileA
MapViewOfFile
GetLastError
WaitForSingleObject
CreateEventA
SetHandleCount
GetACP
InitializeCriticalSection
FreeLibrary
LoadLibraryA
GetProcAddress
LoadLibraryExA
GetCurrentProcess
GlobalAlloc
GetConsoleOutputCP
lstrcpyA
lstrcatA
SetEndOfFile
GetProcessHeap
FindResourceA
GetOEMCP
GetSystemDirectoryA
SetErrorMode
EnterCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
GetModuleFileNameW
GetTempPathA
SetFilePointer
LoadLibraryExW
SizeofResource
GetCurrentThread
LocalFree
LocalAlloc
GetConsoleCP
MulDiv
LCMapStringW
GetLocaleInfoA
GetFileAttributesA

advapi32

RegSetValueExA
RegQueryInfoKeyA
RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegCreateKeyExA

gdi32

CreateCompatibleDC
SelectObject
GetDeviceCaps
DeleteDC
SetTextColor
DeleteObject

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_strcmpi

Sections

.text
Size: 472KB - Virtual size: 469KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e876cd7ff8028058f0da572e8dbbb119

Headers

File Characteristics

Imports

user32

kernel32

advapi32

gdi32

version

msvcrt

Sections

.text Size: 472KB - Virtual size: 469KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 472KB - Virtual size: 469KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 3KB