88211ce8880ba67f58f1c6944a56fe60_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

88211ce8880ba67f58f1c6944a56fe60_JaffaCakes118
Size

166KB
MD5

88211ce8880ba67f58f1c6944a56fe60
SHA1

f28782d926633d16cc3bc15adeb9eb0013c70f05
SHA256

aa552afc4eaa6ad71c1d7aa413ad0e0e8d961a0c0bb9cb1725e9b69f6561bada
SHA512

40faa8cdb9082346ab172884e68b69b03fa6b3d7250fb3ab24288bb423eef890f91c7110c05a29b5c4108a2a75a8a5b3368cdcc07a405bb9c87af7080b220653
SSDEEP

3072:dLVnKCZk+IFAUY/8dWFJVcVvLqCv80KsDFCXlvdHArtX8S+TJ38eHxYIx2X7:dLdk+eAV/8d4AzqCvn9FCXlVgp0NHU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88211ce8880ba67f58f1c6944a56fe60_JaffaCakes118

Files

88211ce8880ba67f58f1c6944a56fe60_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3add6eb6bdc8eda81a08749cb098ae98

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
GetACP
FileTimeToSystemTime
GetEnvironmentStringsW
Sleep
IsBadWritePtr
TerminateProcess
GetThreadIOPendingFlag
GetModuleHandleA
GetFileType
TlsFree
ResetEvent
HeapDestroy
MapViewOfFile
SetStdHandle
SetPriorityClass
SetEvent
CreateSemaphoreA
WriteFile
GetPrivateProfileStringA
IsBadReadPtr
WideCharToMultiByte
FreeEnvironmentStringsW
WaitForSingleObject
GetLastError
GetOEMCP
TlsAlloc
MultiByteToWideChar
InterlockedIncrement
HeapReAlloc
RtlUnwind
SetLastError
LCMapStringA
HeapAlloc
DeleteCriticalSection
TransmitCommChar
LCMapStringW
GetProcAddress
GetTimeZoneInformation
IsDBCSLeadByte
HeapCreate
GetPriorityClass
CreateFileW
InitializeCriticalSection
EnumResourceNamesW
GetFullPathNameA
GetCurrentThreadId
IsBadCodePtr
HeapFree
LoadLibraryA
GlobalUnlock
ReleaseSemaphore
HeapSize
InterlockedExchange
GlobalAlloc
GetCPInfo
ExitThread
GetDiskFreeSpaceExA
lstrcmpA
GetEnvironmentVariableA
GetStringTypeW
GetStartupInfoA
GetStringTypeA
GetTempPathA
SetHandleCount
GetStdHandle
TlsSetValue
FlushFileBuffers
ExitProcess
CreateThread
GetModuleFileNameA
CompareStringA
GetTempFileNameA
GlobalFree
GetSystemTime
FreeLibrary
FreeEnvironmentStringsA
SetEndOfFile
WritePrivateProfileStringA
GetCommandLineA
InterlockedDecrement
lstrcmpW
LoadLibraryW
lstrcpyA
CloseHandle
OutputDebugStringA
EnterCriticalSection
LeaveCriticalSection
CompareStringW
GetCurrentProcess
GetTempPathW
FileTimeToLocalFileTime
SetUnhandledExceptionFilter
RaiseException
GetUserDefaultLCID
UnhandledExceptionFilter
ExitProcess
GetTickCount
CreateMutexA
GetEnvironmentStrings
TlsGetValue
GetFullPathNameW
CreateFileMappingA
GetThreadPriority
SetEnvironmentVariableA

shlwapi

PathAddBackslashA

user32

CharUpperA
wsprintfA
wsprintfW
MessageBoxA
GetKeyState
CharNextA
CharLowerA

msimg32

AlphaBlend
TransparentBlt

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3add6eb6bdc8eda81a08749cb098ae98

Headers

File Characteristics

Imports

kernel32

shlwapi

user32

msimg32

advapi32

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 21KB - Virtual size: 21KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 21KB - Virtual size: 21KB

.crt
Size: 512B - Virtual size: 72KB