955547de35c186e1fda86991f0ba6ff4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

955547de35c186e1fda86991f0ba6ff4_JaffaCakes118
Size

163KB
MD5

955547de35c186e1fda86991f0ba6ff4
SHA1

be68905aea59628fd8110f6bfe89a8b567710fa9
SHA256

531fda694144d55cd7e72c7d2c0eb51288e40c5b26c6a42d34096d8f04058e76
SHA512

3cc56f41a03ef7685698af6dfc20abeeea29a15ed7c6aebb1bc44dd8a05186a0b4e08cd3f53abac45c6eb86a0d3a5b117fbd1be96a219e20f91fba80f395bbd4
SSDEEP

3072:u2qJi56iR3q+2wE0OL19ToTxBUeqYyJg1xzaM6yvdxzWId8o:bqJg3q+230CABUeqYhH19V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
955547de35c186e1fda86991f0ba6ff4_JaffaCakes118

Files

955547de35c186e1fda86991f0ba6ff4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ab1fb8cc5ac24f196cfc44d82f91d4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GetACP
GetThreadIOPendingFlag
FlushFileBuffers
GetPriorityClass
FreeEnvironmentStringsW
WriteFile
TlsGetValue
ReleaseSemaphore
WaitForSingleObject
HeapAlloc
LoadLibraryA
GetStartupInfoA
GetTempPathW
CreateFileW
IsBadCodePtr
TlsFree
GetOEMCP
SetEndOfFile
IsBadWritePtr
GetCPInfo
MultiByteToWideChar
FileTimeToSystemTime
TransmitCommChar
GetDiskFreeSpaceExA
GetPrivateProfileStringA
Sleep
GetTempFileNameA
FreeEnvironmentStringsA
OutputDebugStringA
HeapReAlloc
GlobalAlloc
GetSystemTime
HeapCreate
GetFileType
GlobalFree
HeapFree
LCMapStringW
HeapSize
InterlockedExchange
GetTimeZoneInformation
CreateMutexA
GetEnvironmentStringsW
SetPriorityClass
GetEnvironmentVariableA
lstrcmpA
LeaveCriticalSection
EnumResourceNamesW
TlsSetValue
GetStringTypeA
LoadLibraryW
RaiseException
UnmapViewOfFile
lstrcpyA
DeleteCriticalSection
GetCurrentProcess
MapViewOfFile
IsDBCSLeadByte
GetThreadPriority
ExitThread
SetLastError
GetModuleFileNameA
GetLastError
RtlUnwind
InterlockedIncrement
GetModuleHandleA
WritePrivateProfileStringA
GetTempPathA
TerminateProcess
InitializeCriticalSection
GetCommandLineA
ExitProcess
TlsAlloc
GetStringTypeW
GetTickCount
SetUnhandledExceptionFilter
InterlockedDecrement
CloseHandle
CompareStringA
GetFullPathNameW
GlobalUnlock
CreateThread
LCMapStringA
GetEnvironmentStrings
SetEvent
UnhandledExceptionFilter
FreeLibrary
GetFullPathNameA
ResetEvent
EnterCriticalSection
HeapDestroy
GetCurrentThreadId
ExitProcess
GetUserDefaultLCID
GetStdHandle
CreateSemaphoreA
SetStdHandle
CompareStringW
FileTimeToLocalFileTime
SetHandleCount
GetProcAddress
CreateFileMappingA
lstrcmpW
IsBadReadPtr
SetEnvironmentVariableA

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

msimg32

AlphaBlend
TransparentBlt

user32

GetKeyState
CharUpperA
CharNextA
wsprintfW
MessageBoxA
wsprintfA
CharLowerA

shlwapi

PathAddBackslashA

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ab1fb8cc5ac24f196cfc44d82f91d4e

Headers

File Characteristics

Imports

kernel32

advapi32

msimg32

user32

shlwapi

Sections

.text Size: 136KB - Virtual size: 136KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 21KB - Virtual size: 21KB

.crt Size: 512B - Virtual size: 68KB

.text
Size: 136KB - Virtual size: 136KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 21KB - Virtual size: 21KB

.crt
Size: 512B - Virtual size: 68KB