8a337a0ffff6ec5ade5d5c1ddb9bdf6f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8a337a0ffff6ec5ade5d5c1ddb9bdf6f_JaffaCakes118
Size

149KB
MD5

8a337a0ffff6ec5ade5d5c1ddb9bdf6f
SHA1

4e5709072b2ab341fdbfe71f62bdf40fc1f5756c
SHA256

0217e2052a76ed55f91542c5df1114d90536030d7aa0069eff1294e9fda85162
SHA512

d7ae09d88bda07763d683db55f021f1805b9aae830c793cccfe85b51bee2110ba6693cadb83da6d71a972bcd635325ac03c9f6666484cc8343ee4d400c74171e
SSDEEP

3072:LrEYYniFaNXJNl8MqqDLy/QMqqDLy/z7MqqDLy/STn:f3YnumqqDLubqqDLuz4qqDLuc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a337a0ffff6ec5ade5d5c1ddb9bdf6f_JaffaCakes118

Files

8a337a0ffff6ec5ade5d5c1ddb9bdf6f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ceaa50e704d559fdb78d8e3b60ba3c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GetTempPathA
SetCurrentDirectoryA
CreateMutexA
ReleaseMutex
GetCommandLineA
Sleep
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
FindResourceA
LoadResource
LockResource
SizeofResource
CreateDirectoryA
GetVolumeInformationA
GetVersion
GetCurrentProcess
InitializeCriticalSection
lstrcpyA
GetModuleFileNameA
lstrcpynA
lstrlenW
WideCharToMultiByte
SetLastError
WriteFile
lstrlenA
MultiByteToWideChar
GetCurrentDirectoryA
CreateFileA
CopyFileA
SetFileAttributesA
LoadLibraryA
GetProcAddress
GetTickCount
CreateThread
GetLastError
WaitForSingleObject
TerminateThread
EnterCriticalSection
FreeLibrary
DeleteFileA
CloseHandle
GetModuleHandleA
LeaveCriticalSection
DeleteCriticalSection
TerminateProcess
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
RtlUnwind
HeapReAlloc
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
ExitProcess
VirtualFree
VirtualAlloc
IsBadWritePtr
SetEnvironmentVariableA

user32

wsprintfA
wsprintfW
GetDesktopWindow
DialogBoxParamA
EndDialog
GetDlgItemTextA
SetFocus
SetDlgItemTextA
SetWindowTextA
LoadBitmapA
BeginPaint
GetDlgItem
ShowWindow
EndPaint
SendMessageA
LoadIconA
wvsprintfA

gdi32

SelectObject
GetObjectA
BitBlt
DeleteObject
DeleteDC
CreateCompatibleDC

advapi32

CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext

shell32

ShellExecuteA

ole32

CoTaskMemFree

oleaut32

SysAllocString
SysFreeString

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ceaa50e704d559fdb78d8e3b60ba3c9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 52KB - Virtual size: 57KB

.rsrc Size: 45KB - Virtual size: 44KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 52KB - Virtual size: 57KB

.rsrc
Size: 45KB - Virtual size: 44KB