771d26d543b690f80890d78aa818e765_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

771d26d543b690f80890d78aa818e765_JaffaCakes118
Size

240KB
MD5

771d26d543b690f80890d78aa818e765
SHA1

3c4c37b8d87a7ebd21997cac87a0c3b492b391d7
SHA256

35833e6c4324551c9aa69332f9d2d6868b188afa1457769b108e2709fbcc1a58
SHA512

8ce3928471ebf66e73d92d4a96025ca3c728e9118006947bac2c15bb0c4ca6e13a888915046c0a28f802b97c5e1bb24a4b0cba906203cb770885699f549da2a8
SSDEEP

6144:YqHBZdpJLRHCoQsxKOtQ3vVxDqTxLaBokrSGcGcge77QmUSqJVw:YqhZ9LRioQsnIvf29OokrHct7QmYjw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
771d26d543b690f80890d78aa818e765_JaffaCakes118

Files

771d26d543b690f80890d78aa818e765_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4bbbd5ab8e8c6aa5a54ee08d0256025

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadProcessMemory
OpenProcess
WaitForSingleObject
GetCurrentProcessId
GetTickCount
GetLastError
WriteProcessMemory
WriteFile
GetVersionExA
CreateMutexA
GlobalFree
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcatA
ResetEvent
DuplicateHandle
GetCurrentProcess
CreateEventA
DeviceIoControl
IsBadStringPtrA
SetEvent
CloseHandle
CreateFileMappingA
MapViewOfFile
CreateFileA
GlobalAlloc
ReleaseMutex
GetStdHandle
SetHandleCount
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
UnmapViewOfFile
GetFileType
GetCPInfo
GetACP
EnterCriticalSection
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetOEMCP
InitializeCriticalSection
LeaveCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind

user32

PostQuitMessage
SetWindowTextA
wsprintfA
PeekMessageA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
MessageBoxA
CreateWindowExA
ShowWindow
LoadCursorA
RegisterClassA
DestroyWindow
DefWindowProcA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegEnumKeyExA
SetSecurityDescriptorDacl
RegEnumValueA
InitializeSecurityDescriptor

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4bbbd5ab8e8c6aa5a54ee08d0256025

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 176KB - Virtual size: 177KB

.rsrc Size: 4KB - Virtual size: 1016B

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 176KB - Virtual size: 177KB

.rsrc
Size: 4KB - Virtual size: 1016B