775911a6d4cae08d71eebfbdc072b54d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

775911a6d4cae08d71eebfbdc072b54d_JaffaCakes118
Size

60KB
MD5

775911a6d4cae08d71eebfbdc072b54d
SHA1

c24c6b571b0d5599e1ca670cbefe50b2f8cdbf1c
SHA256

1539f947bb57e782a19cf8ad956108002cea71808861904eb6343c09f3a8e646
SHA512

de44925d55442f3c058b8e0ba23ba85c284f751f94decfeb7a1ee39e4d4fc09cefc89b3a2f8e64c2a237750c40375cb40acf0ace0120abf7ddddf72b50c4738b
SSDEEP

768:lJTTXoi+4liEUkzw1/dBHrUAYz8vXzzQwmkhoXv7kCqRfe8c:lB8EUiGlUHagYoXiW8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
775911a6d4cae08d71eebfbdc072b54d_JaffaCakes118

Files

775911a6d4cae08d71eebfbdc072b54d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

add374aaeddf41b4e962913e9a5b126a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
DeleteFileA
GetLastError
ExitProcess
CreateProcessA
CopyFileA
GetModuleFileNameA
GetWindowsDirectoryA
GetFileAttributesA
GetVersionExA
SetFileAttributesA
RemoveDirectoryA
FindClose
Sleep
FindNextFileA
FindFirstFileA
GetSystemDirectoryA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
SleepEx
SetCurrentDirectoryA
CreateFileA
DeviceIoControl
CloseHandle
SetFilePointer
GetTempPathA
GetSystemDefaultLangID
WriteFile
GetVersion
HeapFree
GetStringTypeA
SetStdHandle
GetStringTypeW
GetProcAddress
GetOEMCP
LoadLibraryA
GetCPInfo
LCMapStringW
GetACP
MultiByteToWideChar
LCMapStringA
FlushFileBuffers
HeapReAlloc
RtlUnwind
VirtualFree
VirtualAlloc
HeapDestroy
GetEnvironmentVariableA
HeapCreate
GetStdHandle
SetHandleCount
GetFileType
GetEnvironmentStrings
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
FreeEnvironmentStringsW
GetCurrentProcess
HeapAlloc
TerminateProcess
HeapSize

user32

GetMessageA
MessageBoxA
GetSystemMetrics
ShowWindow
MoveWindow
TrackPopupMenu
GetWindowRect
DefWindowProcA
AppendMenuA
CreatePopupMenu
PostMessageA
SendMessageA
UpdateWindow
LoadCursorA
TranslateMessage
DispatchMessageA
KillTimer
RegisterClassA
CreateWindowExA
SetTimer
PostQuitMessage
FindWindowA
GetCursorPos
LoadImageA
SetForegroundWindow
DestroyWindow

gdi32

DeleteObject

advapi32

RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey

shell32

ShellExecuteA
Shell_NotifyIconA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

add374aaeddf41b4e962913e9a5b126a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 8KB - Virtual size: 5KB