8490fb10a6a24af7e9adcf21b2b5b93a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8490fb10a6a24af7e9adcf21b2b5b93a_JaffaCakes118
Size

104KB
MD5

8490fb10a6a24af7e9adcf21b2b5b93a
SHA1

b2bd9ed772326769d7757edb350279bd95dae329
SHA256

ca453a56299d8bcd5c38b41edfe7824d42e4fd7d5bbaa4a0c7b501c17b9b65a4
SHA512

302a5f2f7fe060dadef02c09599e8e1de0486e1fe6c768921c2f3919386c5c6c3ae09a9c9f6739f6b7cc85b7dccc83746c8020fc56a894d4f4ddcad4b37872fd
SSDEEP

1536:yp7YQLepHwZi4jdxViYO8Tl2cBdDKPspmbstMVsx0s4mZn1FDD:uY4jnViYpTlXxKPj1dmZn1FDD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8490fb10a6a24af7e9adcf21b2b5b93a_JaffaCakes118

Files

8490fb10a6a24af7e9adcf21b2b5b93a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a75a56c68e69643a25e6c6c413f2539d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Documents and Settings\Administrator\My Documents\Visual Studio Projects\launcher\seup2\Release\seup2.pdb

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
LoadResource
FindResourceA
SizeofResource
LockResource
FreeResource
InterlockedDecrement
lstrlenA
GetSystemDirectoryA
IsWow64Process
CloseHandle
WriteFile
GetFileAttributesA
SetErrorMode
DeleteFileA
MoveFileA
CreateFileA
GetSystemInfo
VirtualProtect
IsBadCodePtr
IsBadReadPtr
GetVersionExA
GetLocaleInfoA
GetACP
GetCurrentProcess
InterlockedExchange
SetUnhandledExceptionFilter
LoadLibraryA
ExitProcess
RtlUnwind
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapAlloc
GetOEMCP
GetCPInfo
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
VirtualQuery
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetProcAddress
TerminateProcess
HeapSize
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

LoadStringA
CharUpperA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a75a56c68e69643a25e6c6c413f2539d

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 64KB - Virtual size: 63KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 64KB - Virtual size: 63KB