966ea9aeeed879a89f896ad3fc4d63d3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

966ea9aeeed879a89f896ad3fc4d63d3_JaffaCakes118
Size

400KB
MD5

966ea9aeeed879a89f896ad3fc4d63d3
SHA1

88df3e1ec890d90c3b431201a70fbaca049204f2
SHA256

c2b08e62aa25c0166dbb1ee4440476b8acf11fcb9595c78a96df8a6d739649ca
SHA512

52c5491141d9aad5b90651f7bb507b36e6828d22927f32846db6ea32abde0e59c4df8ad770d1b99d015a3412c84f63785cac9e89bdd1e4dc3ad8f158fb34f489
SSDEEP

6144:A9KL5dXaQ0bRjbN00g869LXsrmIfYXJ83tuadZHJ9w3D+7N:AbNVc9LX+Gq9uaLUw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
966ea9aeeed879a89f896ad3fc4d63d3_JaffaCakes118

Files

966ea9aeeed879a89f896ad3fc4d63d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db6c1efdcf95c2651964581f3eb184b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
HeapSize
GetCurrentDirectoryA
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
HeapCreate
LCMapStringW
LoadLibraryExW
GetLastError
InterlockedIncrement
HeapAlloc
CreateFileA
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
GlobalLock
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
CreateFileMappingA
CompareStringA
lstrcpyA
FindFirstFileA
lstrcmpA
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
SetEvent
GetStartupInfoW
GetWindowsDirectoryA
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
IsBadWritePtr
GetTickCount
QueryPerformanceCounter
FreeLibrary
GetVersionExW
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
LeaveCriticalSection
GetCurrentThreadId
TlsFree
CreateEventW
GetConsoleMode
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
TlsSetValue
CreateThread
SetFilePointer
CreateMutexA
MultiByteToWideChar
TlsGetValue
UnhandledExceptionFilter
GetPrivateProfileStringA
LoadLibraryExA
lstrcmpiW
GetModuleFileNameA
FlushFileBuffers
ExitProcess
IsDebuggerPresent
GetModuleFileNameW
InitializeCriticalSection
SetLastError
OutputDebugStringA
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
GetEnvironmentVariableA
LocalFree
GetOEMCP
GetStringTypeW
HeapReAlloc
GetCommandLineA
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
LoadLibraryW
GetCPInfo
SetStdHandle
FreeEnvironmentStringsW
SetErrorMode
lstrcatA
LocalAlloc
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindFirstFileW
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
GetSystemDefaultLCID
GetUserDefaultLangID
GetSystemDefaultLangID
GetUserDefaultLCID
GetModuleHandleA
ReadFile
SetEndOfFile
CloseHandle
GetACP
GetModuleHandleW
SizeofResource
WideCharToMultiByte
IsValidCodePage
UnmapViewOfFile
VirtualFree
Sleep
IsBadReadPtr
VirtualAlloc
GetLocaleInfoA
ResetEvent

advapi32

RegDeleteValueA
RegSetValueExW
RegQueryValueExA
RegCreateKeyExW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExW

user32

ScreenToClient
GetDlgItem
GetSubMenu
CheckMenuItem
SetWindowTextA
EndDialog
SetCapture
GetWindowRect
GetSystemMetrics
DefWindowProcA
KillTimer
PeekMessageA
SetFocus
ReleaseDC
CreateWindowExA
GetWindowLongA
SetWindowLongA
RegisterClassA
EnableMenuItem
LoadCursorA
EnableWindow
ShowWindow
UpdateWindow
GetParent
DestroyWindow
GetDC
EndPaint
DispatchMessageA
IsWindow
SetWindowPos
SystemParametersInfoA
IsWindowVisible
wsprintfA
InvalidateRect
SendMessageA
GetClientRect
CallWindowProcA
SetCursor
GetDesktopWindow
FillRect
GetFocus
MessageBoxA
GetSysColor
TranslateMessage
PostMessageA

gdi32

DeleteObject
GetDeviceCaps
CreateCompatibleDC
SelectObject
CreateSolidBrush
CreateCompatibleBitmap
SetBkMode

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString

ole32

CoTaskMemFree
CoInitialize
CoUninitialize

msvcrt

exit
_controlfp

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 324KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db6c1efdcf95c2651964581f3eb184b2

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

oleaut32

ole32

msvcrt

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 324KB - Virtual size: 321KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 324KB - Virtual size: 321KB

.rsrc
Size: 8KB - Virtual size: 6KB