a0be968cd36882fb2e5f847467db4371_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a0be968cd36882fb2e5f847467db4371_JaffaCakes118
Size

140KB
MD5

a0be968cd36882fb2e5f847467db4371
SHA1

f502ab125c8135fad493a2e77d61ca2a65a2400b
SHA256

7b454dc22e03b77de6c342a7e499c63ce43d651049eadf61df81c18308ff6d2e
SHA512

f8850849fdd0cf614e4a59f19efac07361555d4033bed3d3443b8bd30a3c13e5b016c1c52320f25001efc904572128c243f82cd4145f473fbe9ea911e289550b
SSDEEP

1536:PAwe5j77ozOyW25TnPBq9ruP8k9Hx62ytxFOVgLzW/4L+jH5KOEBhY0puk+aTZKj:Kn7oyS5TnP5R62SrEEMpDDE4tkKj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0be968cd36882fb2e5f847467db4371_JaffaCakes118

Files

a0be968cd36882fb2e5f847467db4371_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc01e4469c6af60c9ff162eb4b3e12f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
SetFilePointer
GetCurrentProcess
GetTickCount
lstrcmpA
SetEndOfFile
GetVersionExA
WinExec
GetTempFileNameA
GetSystemDirectoryA
GetTempPathA
GetModuleFileNameA
GetWindowsDirectoryA
CreateFileA
CloseHandle
CopyFileA
WriteFile
lstrcatA
FindFirstFileA
FindNextFileA
FindClose
DeleteFileA
GetLastError
GetShortPathNameA
MoveFileExA
lstrcpyA
RemoveDirectoryA
GetSystemDefaultLangID
lstrlenA
GetCommandLineA
GetStartupInfoA
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
GetStringTypeW
LoadLibraryA
GetStringTypeA
GetVersion
MultiByteToWideChar
RtlUnwind
LCMapStringA
VirtualFree
HeapCreate
HeapFree
GetFileType
GetStdHandle
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsW
FreeEnvironmentStringsA
WideCharToMultiByte
LCMapStringW
UnhandledExceptionFilter
TerminateProcess
GetModuleHandleA
GetACP
GetOEMCP
ExitProcess
GetCPInfo

user32

GetForegroundWindow
CharUpperBuffA
SendDlgItemMessageA
ExitWindowsEx
InvalidateRect
TranslateMessage
DispatchMessageA
PeekMessageA
DialogBoxParamA
MessageBoxA
LoadStringA
SetWindowTextA
PostMessageA
EnableWindow
GetWindowTextA
GetDlgItem
SendMessageA
GetClientRect
MapWindowPoints
EndDialog
ShowWindow
SetFocus
BeginPaint
EndPaint
FindWindowA

gdi32

SetPixel

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegDeleteValueA
RegQueryValueExA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation

comctl32

ord17

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bc01e4469c6af60c9ff162eb4b3e12f0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 108KB - Virtual size: 108KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 108KB - Virtual size: 108KB