8c83bbfd24398e63747ccfd19d44b472_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8c83bbfd24398e63747ccfd19d44b472_JaffaCakes118
Size

181KB
MD5

8c83bbfd24398e63747ccfd19d44b472
SHA1

a109f3a9a30e61e791e21a712f741e18579b01b3
SHA256

d339fe36fea6a038e7a1c01913f346ab8afc2d7c0296cdfd01d7f07f56968794
SHA512

c753020641624b390dce6a2406ec5d3cdb133974ccd99cd9fe6c9844ea9a60714e82986c6d11fe5d7675dca837c71af21f174f6dbaf32118dfe1648434046992
SSDEEP

3072:Qde3NE5UxKBK3SLYwMcOnKJdHKunZOvOh55xYFWYXnoEHDUC+wsRyRqdPUH/kv:Ye3i0KBKCLYwE2ZXxxcoEAC+fyRqd6U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c83bbfd24398e63747ccfd19d44b472_JaffaCakes118

Files

8c83bbfd24398e63747ccfd19d44b472_JaffaCakes118
.exe windows:4 windows x86 arch:x86

abe874a23131edf48d23648a99244dd7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
InterlockedIncrement
GetThreadPriority
GetEnvironmentVariableA
GetThreadIOPendingFlag
ResetEvent
GetTempFileNameA
InterlockedExchange
SetLastError
HeapCreate
MultiByteToWideChar
GetPrivateProfileStringA
GlobalFree
TlsSetValue
RaiseException
Sleep
ExitProcess
GetStartupInfoA
HeapFree
IsBadCodePtr
CreateFileW
GetOEMCP
GetProcAddress
CloseHandle
HeapReAlloc
GetCPInfo
TransmitCommChar
GetCurrentProcess
GetPriorityClass
GetFullPathNameW
IsBadWritePtr
SetEvent
GetUserDefaultLCID
LCMapStringA
TlsFree
FreeLibrary
GetACP
WriteFile
HeapAlloc
GetModuleFileNameA
GetFullPathNameA
IsBadReadPtr
GetLastError
GlobalAlloc
TerminateProcess
FlushFileBuffers
lstrcmpW
CreateSemaphoreA
CompareStringW
GetStringTypeW
CreateFileMappingA
HeapSize
GetCurrentThreadId
WideCharToMultiByte
GetTempPathA
LeaveCriticalSection
GetModuleHandleA
RtlUnwind
EnumResourceNamesW
SetPriorityClass
GetTickCount
LoadLibraryA
GetDiskFreeSpaceExA
CreateMutexA
InitializeCriticalSection
ExitThread
GetCommandLineA
TlsGetValue
MapViewOfFile
GetTimeZoneInformation
UnhandledExceptionFilter
ExitProcess
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FileTimeToSystemTime
IsDBCSLeadByte
WritePrivateProfileStringA
FileTimeToLocalFileTime
WaitForSingleObject
SetHandleCount
GetStdHandle
GetEnvironmentStringsW
FreeEnvironmentStringsW
TlsAlloc
GetSystemTime
HeapDestroy
SetStdHandle
CreateThread
SetEndOfFile
DeleteCriticalSection
lstrcmpA
CompareStringA
GlobalUnlock
GetTempPathW
lstrcpyA
SetUnhandledExceptionFilter
EnterCriticalSection
ReleaseSemaphore
LoadLibraryW
GetStringTypeA
InterlockedDecrement
UnmapViewOfFile
OutputDebugStringA
SetEnvironmentVariableA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

user32

MessageBoxA
CharNextA
wsprintfA
GetKeyState
CharUpperA
wsprintfW
CharLowerA

msimg32

AlphaBlend
TransparentBlt

shlwapi

PathAddBackslashA

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abe874a23131edf48d23648a99244dd7

Headers

File Characteristics

Imports

kernel32

advapi32

user32

msimg32

shlwapi

Sections

.text Size: 154KB - Virtual size: 154KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 21KB - Virtual size: 21KB

.crt Size: 512B - Virtual size: 216KB

.text
Size: 154KB - Virtual size: 154KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 21KB - Virtual size: 21KB

.crt
Size: 512B - Virtual size: 216KB