7839c3ce729a5ebd61a2c91f4ec37360_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7839c3ce729a5ebd61a2c91f4ec37360_JaffaCakes118
Size

165KB
MD5

7839c3ce729a5ebd61a2c91f4ec37360
SHA1

ee8da33007324ecb7e63ac45d6e089a53ab4919c
SHA256

1c10f7e9ff538fccedd600b53dd99e16ff471b594482d5700c4547f7c9324f67
SHA512

ce459f1ba5ae50710258908487fbfbec02ceb35a474f9c78c01b1bb503e1d0a9c4cca34728bcb89641f87c939dea9184ed5af136d703831431f07bc6d7e1b306
SSDEEP

3072:WO8/B+F9lIveMNfS6K8JlbBUA0vaRANa/nYmHJoUp4d:pVFY2MF3bqAb2ynYeon

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7839c3ce729a5ebd61a2c91f4ec37360_JaffaCakes118

Files

7839c3ce729a5ebd61a2c91f4ec37360_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2cd7b00b2aa9ddd503dc4e64ea0bc94e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA

shlwapi

PathAddBackslashA

msimg32

AlphaBlend
TransparentBlt

user32

CharUpperA
wsprintfW
GetKeyState
CharNextA
MessageBoxA
wsprintfA
CharLowerA

kernel32

CreateFileMappingA
LoadLibraryW
EnterCriticalSection
TlsGetValue
GetTickCount
InterlockedExchange
GetCurrentThreadId
GlobalUnlock
GetThreadIOPendingFlag
TlsFree
lstrcmpW
GetTimeZoneInformation
CreateFileW
IsDBCSLeadByte
GetEnvironmentStringsW
SetUnhandledExceptionFilter
ResetEvent
InterlockedIncrement
HeapReAlloc
MultiByteToWideChar
MapViewOfFile
WritePrivateProfileStringA
TransmitCommChar
GetPrivateProfileStringA
GetCurrentProcess
SetHandleCount
FreeLibrary
GetFileType
DeleteCriticalSection
GetCPInfo
HeapCreate
GetTempPathW
CreateSemaphoreA
GetThreadPriority
GetModuleHandleA
IsBadWritePtr
GetStartupInfoA
GetStdHandle
GetOEMCP
SetStdHandle
GetUserDefaultLCID
WideCharToMultiByte
GetProcAddress
LCMapStringA
GetFullPathNameW
HeapSize
SetPriorityClass
UnhandledExceptionFilter
GetLastError
ExitThread
CreateMutexA
IsBadReadPtr
WaitForSingleObject
SetEndOfFile
GetEnvironmentStrings
InitializeCriticalSection
CreateThread
GetPriorityClass
GetModuleFileNameA
lstrcmpA
EnumResourceNamesW
GetTempFileNameA
LeaveCriticalSection
IsBadCodePtr
GetEnvironmentVariableA
ExitProcess
GlobalAlloc
HeapDestroy
InterlockedDecrement
GetSystemTime
GetDiskFreeSpaceExA
RaiseException
RtlUnwind
GetStringTypeW
SetEvent
ReleaseSemaphore
HeapFree
TerminateProcess
TlsSetValue
SetLastError
OutputDebugStringA
FreeEnvironmentStringsA
FileTimeToSystemTime
GetACP
UnmapViewOfFile
lstrcpyA
CompareStringW
GetStringTypeA
FlushFileBuffers
Sleep
CompareStringA
GlobalFree
LCMapStringW
CloseHandle
FileTimeToLocalFileTime
GetTempPathA
WriteFile
GetFullPathNameA
FreeEnvironmentStringsW
LoadLibraryA
ExitProcess
TlsAlloc
GetCommandLineA
HeapAlloc
SetEnvironmentVariableA

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2cd7b00b2aa9ddd503dc4e64ea0bc94e

Headers

File Characteristics

Imports

advapi32

shlwapi

msimg32

user32

kernel32

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 23KB

.crt Size: 512B - Virtual size: 76KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 23KB

.crt
Size: 512B - Virtual size: 76KB