88d34c037b71a4ce8c1ffd95d89282d1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

88d34c037b71a4ce8c1ffd95d89282d1_JaffaCakes118
Size

285KB
MD5

88d34c037b71a4ce8c1ffd95d89282d1
SHA1

bfb75aa3461aaa6a1b46ac6800000c6400969bfe
SHA256

22fda33178b2ddd4091f07758fd9b60ea3f4722abe768ba892640ed31835e22e
SHA512

a5d41e2595b73cd9adbc43c911e8406ed570c0782fdf608cfa6966b378a833c6cfbabee5c46c814fa569e9eef7526cf566190393583305e08d13c0ae86a17bb6
SSDEEP

6144:dp8WTnJXHjpsBZQ5QkGc1nACyun8pms9x9E786bkXd6Xx:deWTnRHjpKZ8P1ACyunSms1BxXd6Xx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88d34c037b71a4ce8c1ffd95d89282d1_JaffaCakes118

Files

88d34c037b71a4ce8c1ffd95d89282d1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ced826f1014dd3ea7fdeaa7909d2933

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetCurrentThread
GetSystemTime
InterlockedDecrement
LoadLibraryW
GetTickCount
GetLocalTime
GetDriveTypeW
TerminateThread
CloseHandle
FindNextChangeNotification
GetUserDefaultLangID
CreateEventW
FileTimeToSystemTime
GetVersion
ResumeThread
MoveFileW
GlobalUnlock
GetProcAddress
lstrcpyW
lstrlenW
FindClose
GetFileSize
CreateThread
WriteFile
FindResourceW
GetModuleFileNameW
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualFree
VirtualProtect
LoadResource
SetEndOfFile
GetCurrentProcessId
InterlockedIncrement
WritePrivateProfileStringW
FindFirstChangeNotificationW
CancelWaitableTimer
GlobalLock
SizeofResource
QueryDosDeviceW
FindResourceExW
GlobalAddAtomW
GetCurrentThreadId
CreateFileW
LockResource
WaitForSingleObject
ResetEvent
GetFileAttributesW
VirtualAlloc
GetPrivateProfileStringW
GetFileAttributesExW
FreeLibrary
MulDiv

user32

GetWindowDC
GetClassNameW
SetWindowPos
DestroyIcon
DestroyMenu
PostThreadMessageW
CreateWindowExW
InvalidateRect
LoadBitmapW
MessageBoxW
GetDlgItem
TrackPopupMenu
DispatchMessageW
ReleaseDC
RegisterClassExW
SetForegroundWindow
GetWindowThreadProcessId
SendMessageW
GetSystemMetrics
AppendMenuW
GetSysColor
RegisterWindowMessageW
GetCursorPos
FillRect
wsprintfW
SendDlgItemMessageW
EnableWindow
SetCapture
LoadIconW
OffsetRect
DialogBoxParamW
SetWindowTextW
IsDlgButtonChecked
SetCursorPos
ReleaseCapture
GetWindowRect
CreatePopupMenu
LoadStringW
UpdateWindow
RedrawWindow
DefWindowProcW
DrawTextW
LoadCursorW
IsWindow
RegisterHotKey

gdi32

SelectObject
SetBkColor
LineTo
BitBlt
CreatePen
DeleteObject
GetClipBox
SetMapMode
GetStockObject
StretchBlt
SetTextColor
SetBkMode
GetObjectW
CreateCompatibleBitmap
CreateDCW
DPtoLP
CreateBitmap

advapi32

RegSetValueExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW

shell32

Shell_NotifyIconW

ole32

CoInitialize
CoUninitialize
CoInitializeEx
CreateStreamOnHGlobal

Sections

.text
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ced826f1014dd3ea7fdeaa7909d2933

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 248KB - Virtual size: 246KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 28KB - Virtual size: 27KB

.text
Size: 248KB - Virtual size: 246KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 28KB - Virtual size: 27KB