88874eb7643b8004b7088fea5e7a46e1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

88874eb7643b8004b7088fea5e7a46e1_JaffaCakes118
Size

160KB
MD5

88874eb7643b8004b7088fea5e7a46e1
SHA1

6fad29cfe32c460d3b1e1e079cb9633e1010e13a
SHA256

152432df52217572fd57a508d9460a19ca356ca06e2bc41135b784f046ff6cc2
SHA512

e3135474d486e394271f49e606e739a10d68932f61db67cb27b4b0d67c984c3615f410b43360b8f64a25b93d72fad5ec92963565b96dd86119898d979c27f591
SSDEEP

3072:Sx9nLpt1U5RFTRDwObJ4KWi+jCW48y9GcUCDjJFH+guAu+4DohcqjFMCe:Yt25dEObv++H8y9G9CvJFH6Ap4DqcSFi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88874eb7643b8004b7088fea5e7a46e1_JaffaCakes118

Files

88874eb7643b8004b7088fea5e7a46e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8c982e70fb449563d27fcf2fb3444b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
GetVersion
GetShortPathNameA
GetWindowsDirectoryW
GetCurrentDirectoryA
FatalAppExitA
MoveFileA
GetThreadSelectorEntry
GetFullPathNameA
WriteProfileStringW
GetPrivateProfileSectionA
LocalHandle
DeleteAtom
ExitVDM
SetVolumeMountPointW
FreeLibrary
RtlUnwind
HeapAlloc
lstrlenA
CreateEventA
GetStringTypeW
GetStringTypeA
GetVersion
CloseHandle
GetModuleFileNameA
HeapReAlloc
GetCurrentThreadId
TerminateProcess
VirtualFree
LeaveCriticalSection
GetOEMCP
LoadLibraryA
LoadLibraryExA
Sleep
PulseEvent
DeleteFileA
CreateFileMappingA
SetStdHandle
GetCurrentProcessId
EnterCriticalSection
TlsGetValue
IsBadReadPtr
CreateThread
OpenEventA
GetStdHandle
GetCommandLineA
ExitProcess
GetModuleHandleA
SetHandleCount
UnhandledExceptionFilter
VirtualAlloc
GetCurrentProcess
GetFileType
IsBadCodePtr
GetLastError
WaitForSingleObject
IsBadWritePtr
GetCPInfo
TlsSetValue
WriteFile
InterlockedDecrement
HeapFree
OpenFileMappingA
LCMapStringW
GetTickCount
MapViewOfFile
GlobalAlloc
HeapDestroy
WideCharToMultiByte
ExitThread
InterlockedIncrement
MultiByteToWideChar
LCMapStringA
GetACP
UnmapViewOfFile
GlobalFree
CreateFileA
SetFileAttributesA
GetProcAddress
SetFilePointer
HeapCreate
GetStartupInfoA
lstrcpyA
DeleteCriticalSection
InitializeCriticalSection
FlushFileBuffers
TlsAlloc
SetLastError

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA

user32

ShowWindow
CreateWindowExA
GetDlgItemTextA
SendDlgItemMessageA
SetWindowTextA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text1
Size: 173KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8c982e70fb449563d27fcf2fb3444b7

Headers

File Characteristics

Imports

kernel32

version

advapi32

user32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 7KB - Virtual size: 37KB

.rsrc Size: 3KB - Virtual size: 3KB

.text1 Size: 173KB - Virtual size: 207KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 7KB - Virtual size: 37KB

.rsrc
Size: 3KB - Virtual size: 3KB

.text1
Size: 173KB - Virtual size: 207KB