a489224e4c1a6db9da6a0e17d5cc50dc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a489224e4c1a6db9da6a0e17d5cc50dc_JaffaCakes118
Size

100KB
MD5

a489224e4c1a6db9da6a0e17d5cc50dc
SHA1

81ca9468a8e7f8f6bfd88e81c6efab582c9e442e
SHA256

cd41c2bd16bc77a08752c5cf76c9e9a3d93d484a07c6c40c18de560689a96ca8
SHA512

43901cba34c90480f0e19980cc1e033f05a5f4479573ba41ad6e38813107608cb3eb8428c229e34ab966573c4e2861bcf68151e9b32e7eb12d38ac53c99a6195
SSDEEP

1536:nggI08/NN9g32LQdvPYpxWVZuWO9d/dpmpjclR4vEQ0J/4ELmYmIV:nGdvP+Z49jpmpjclCEzJQw1mY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a489224e4c1a6db9da6a0e17d5cc50dc_JaffaCakes118

Files

a489224e4c1a6db9da6a0e17d5cc50dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5089406f8cd2cd1407ebbf39901b2a2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA

kernel32

GetLastError
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetVersion
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
LCMapStringA
LoadLibraryA
MultiByteToWideChar
RtlUnwind
SetFilePointer
SetHandleCount
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TerminateThread
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA
GetEnvironmentStringsW
GetEnvironmentStringsA
GetCurrentProcess
GetCommandLineA
CloseHandle
CreateEventA
GetFileType
CreateFileA
CreateThread
DeviceIoControl
ExitProcess
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetEnvironmentVariableA

shell32

ShellExecuteA
Shell_NotifyIconA

user32

IsIconic
IsWindowVisible
KillTimer
LoadAcceleratorsA
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
MessageBoxA
MoveWindow
PostMessageA
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
RegisterClassExA
ReleaseCapture
ReleaseDC
ScreenToClient
SendMessageA
SetCapture
SetFocus
SetForegroundWindow
SetTimer
SetWindowLongA
InvalidateRect
SetWindowTextA
ShowWindow
TranslateAcceleratorA
TranslateMessage
UnregisterClassA
UpdateWindow
wsprintfA
GetSystemMetrics
GetMessageA
GetMenu
GetForegroundWindow
GetFocus
GetDlgItem
GetDC
GetClientRect
FillRect
EndPaint
EndDialog
DrawTextA
DispatchMessageA
DialogBoxParamA
CreateWindowExA
CheckMenuItem
BeginPaint
GetWindowRect
SetWindowPos
GetWindowLongA
GetParent
DefWindowProcA

gdi32

TextOutA
SetTextColor
SetTextAlign
SetBkMode
SetBkColor
SelectObject
PolyBezier
MoveToEx
LineTo
GetStockObject
GetPixel
GetObjectA
ExtCreatePen
DeleteObject
DeleteDC
CreateSolidBrush
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
BitBlt

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5089406f8cd2cd1407ebbf39901b2a2c

Headers

File Characteristics

Imports

advapi32

setupapi

kernel32

shell32

user32

gdi32

Sections

.text Size: 72KB - Virtual size: 71KB

.data Size: 32KB - Virtual size: 31KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 72KB - Virtual size: 71KB

.data
Size: 32KB - Virtual size: 31KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB