85c29d05133f95ac2a07d8819e4a7084_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

85c29d05133f95ac2a07d8819e4a7084_JaffaCakes118
Size

81KB
MD5

85c29d05133f95ac2a07d8819e4a7084
SHA1

7a31e3ba3136c76d867ded8d9667458bb18aded1
SHA256

91095ffbfb794e39c9db61fcebbd6d3acfe1f7f29f72cd516ef6a8205c562e11
SHA512

1e25e37b2ac6b44f2a91d37ed7fcd0fc316c511cb10c5e35b7e2bec1526b65aad99f2b0300c56af8ccad9704aeeb078bd5e59d099b8edeecccc25a234f3c3490
SSDEEP

1536:X08DES+L0aScbYQ4zrkiLswvyO8xYkO8ePQb177nUx2umefjmo3vF:X0IEuaScc3HIO8iklPp7To2umexfF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85c29d05133f95ac2a07d8819e4a7084_JaffaCakes118

Files

85c29d05133f95ac2a07d8819e4a7084_JaffaCakes118
.exe windows:5 windows x86 arch:x86

478b83ac4ca0689e556d676d8da47396

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowTextA
CreateWindowExA
SendDlgItemMessageA
GetDlgItemTextA
ShowWindow

advapi32

RegQueryValueExA
RegCloseKey
LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyExA

kernel32

LoadLibraryA
OpenEventA
SetFileAttributesA
GetStdHandle
WriteFile
TlsGetValue
SetLastError
lstrcpyA
GetOEMCP
lstrlenA
SetThreadPriorityBoost
GlobalFree
ExitThread
TlsAlloc
GetCommandLineA
RtlUnwind
TerminateProcess
MapViewOfFile
LeaveCriticalSection
CreateEventA
EnterCriticalSection
FreeLibrary
CreateFileA
IsBadCodePtr
GlobalAlloc
DeleteCriticalSection
SetupComm
SetFilePointer
SetStdHandle
WideCharToMultiByte
LCMapStringW
Sleep
LCMapStringA
HeapAlloc
InterlockedDecrement
GetModuleFileNameA
GetACP
GetProcAddress
HeapDestroy
CloseHandle
ExitProcess
VirtualAlloc
SetHandleCount
UnmapViewOfFile
VirtualFree
HeapCreate
InterlockedIncrement
GetFileType
GetTickCount
IsBadWritePtr
IsBadReadPtr
GetCurrentProcess
GetStringTypeW
TlsSetValue
GetModuleHandleA
GetVersion
OpenFileMappingA
GetCPInfo
HeapReAlloc
GetStartupInfoA
FlushFileBuffers
CreateFileMappingA
CreateThread
GetCurrentProcessId
UnhandledExceptionFilter
PulseEvent
HeapFree
LoadLibraryExA
FlushFileBuffers
DeleteFileA
GetStringTypeA
InitializeCriticalSection
GetLastError
GetCurrentThreadId
MultiByteToWideChar
GetPrivateProfileSectionA
WriteProfileStringW
DeleteAtom
GetCurrentDirectoryA
FatalAppExitA
GetShortPathNameA
GetWindowsDirectoryW
GetFullPathNameA
MoveFileA
IsValidCodePage
GetVersion
SetVolumeMountPointW

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text1
Size: 151KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

478b83ac4ca0689e556d676d8da47396

Headers

File Characteristics

Imports

user32

advapi32

kernel32

version

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 111KB

.rsrc Size: 3KB - Virtual size: 3KB

.text1 Size: 151KB - Virtual size: 271KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 111KB

.rsrc
Size: 3KB - Virtual size: 3KB

.text1
Size: 151KB - Virtual size: 271KB