Static task
static1
Behavioral task
behavioral1
Sample
89df63416237456a45ffbecbb97c7f66_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
89df63416237456a45ffbecbb97c7f66_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: 89df63416237456a45ffbecbb97c7f66_JaffaCakes118
Size: 177KB
MD5: 89df63416237456a45ffbecbb97c7f66
SHA1: c2389052f2e062157787acec038754d988891c85
SHA256: ec7ce696ab9bc1221e60742b4211aa34299a0856193cc75e9edb0aa5a419677c
SHA512: 1605e2020ef2107db44f6704521602b9a66ea93473ed69aa8144dc3f25ff2dbebccb85bb6d8f58a204e625924933d32341934d78c7947904f713178dc1f55910
SSDEEP: 3072:ztQ/wltNDbwnEELshZ/wN1NujLZ32Y7c6Sm/s+7tP0XPj8A/tb+Fry/:6/wlPDbTEgEN14jLwx6Sf+7KXYab+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 89df63416237456a45ffbecbb97c7f66_JaffaCakes118
Files
89df63416237456a45ffbecbb97c7f66_JaffaCakes118.exe windows:4 windows x86 arch:x86
f1451e499c30b2b07b750cc3362b22c4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msimg32
AlphaBlend
TransparentBlt
advapi32
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
user32
wsprintfA
wsprintfW
MessageBoxA
CharNextA
GetKeyState
CharUpperA
CharLowerA
shlwapi
PathAddBackslashA
kernel32
GetOEMCP
GlobalAlloc
IsBadCodePtr
WideCharToMultiByte
GetThreadIOPendingFlag
lstrcpyA
GetACP
GetStringTypeW
SetUnhandledExceptionFilter
DeleteCriticalSection
CreateFileMappingA
GetFullPathNameW
SetLastError
WriteFile
GetStringTypeA
HeapAlloc
GetModuleFileNameA
GetDiskFreeSpaceExA
SetEndOfFile
GetCPInfo
ResetEvent
GetSystemTime
UnmapViewOfFile
TransmitCommChar
FreeEnvironmentStringsW
RtlUnwind
GetFullPathNameA
GetLastError
SetEvent
HeapCreate
IsBadWritePtr
Sleep
GetTempFileNameA
CompareStringW
MultiByteToWideChar
GetCommandLineA
WritePrivateProfileStringA
GetCurrentThreadId
FreeLibrary
WaitForSingleObject
ExitProcess
GetThreadPriority
EnumResourceNamesW
HeapReAlloc
FlushFileBuffers
GetEnvironmentVariableA
GetModuleHandleA
lstrcmpA
TlsGetValue
CreateMutexA
CreateFileW
TlsFree
GetCurrentProcess
GetTempPathA
RaiseException
HeapFree
GetPriorityClass
InterlockedDecrement
LCMapStringW
ReleaseSemaphore
GlobalFree
InitializeCriticalSection
UnhandledExceptionFilter
ExitThread
GetStdHandle
CloseHandle
GetPrivateProfileStringA
ExitProcess
LeaveCriticalSection
IsBadReadPtr
CreateSemaphoreA
GetUserDefaultLCID
InterlockedExchange
LCMapStringA
EnterCriticalSection
GetTempPathW
SetPriorityClass
GetEnvironmentStrings
TlsAlloc
GetTickCount
CreateThread
HeapSize
GetFileType
SetHandleCount
MapViewOfFile
TlsSetValue
OutputDebugStringA
GetTimeZoneInformation
lstrcmpW
FileTimeToLocalFileTime
IsDBCSLeadByte
GetProcAddress
GetStartupInfoA
LoadLibraryW
HeapDestroy
InterlockedIncrement
GetEnvironmentStringsW
CompareStringA
SetStdHandle
FileTimeToSystemTime
GlobalUnlock
LoadLibraryA
TerminateProcess
FreeEnvironmentStringsA
SetEnvironmentVariableA
Sections
.text Size: 143KB - Virtual size: 142KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 220KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ