Static task: static1
Behavioral task: behavioral1
Sample: a57c2f16ee4b82c8a3747dc7c1913792_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: a57c2f16ee4b82c8a3747dc7c1913792_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: a57c2f16ee4b82c8a3747dc7c1913792_JaffaCakes118
Size: 163KB
MD5: a57c2f16ee4b82c8a3747dc7c1913792
SHA1: 85674acd818d54b6cfe419945729099f9ce531f5
SHA256: 3adbf2a60bd936f33e6d9eba4ca7bf8e818e551231365abe84234c01c77f9f4b
SHA512: 51ff7ee7508bb5cec83f4920b5cf884aeb6121c4df66e0e272463a9f45058bf2a592416e4428e755f64e77679c7e401bc8bce05f30e6751dfa3ceac647d626b4
SSDEEP: 3072:u2qJi56iR3q+2wE0OL19ToTxBUeqYyJg1xzaM6yvdxzWId8o:bqJg3q+230CABUeqYhH19V
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a57c2f16ee4b82c8a3747dc7c1913792_JaffaCakes118
Files
a57c2f16ee4b82c8a3747dc7c1913792_JaffaCakes118.exe windows:4 windows x86 arch:x86
5ab1fb8cc5ac24f196cfc44d82f91d4e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WideCharToMultiByte
GetACP
GetThreadIOPendingFlag
FlushFileBuffers
GetPriorityClass
FreeEnvironmentStringsW
WriteFile
TlsGetValue
ReleaseSemaphore
WaitForSingleObject
HeapAlloc
LoadLibraryA
GetStartupInfoA
GetTempPathW
CreateFileW
IsBadCodePtr
TlsFree
GetOEMCP
SetEndOfFile
IsBadWritePtr
GetCPInfo
MultiByteToWideChar
FileTimeToSystemTime
TransmitCommChar
GetDiskFreeSpaceExA
GetPrivateProfileStringA
Sleep
GetTempFileNameA
FreeEnvironmentStringsA
OutputDebugStringA
HeapReAlloc
GlobalAlloc
GetSystemTime
HeapCreate
GetFileType
GlobalFree
HeapFree
LCMapStringW
HeapSize
InterlockedExchange
GetTimeZoneInformation
CreateMutexA
GetEnvironmentStringsW
SetPriorityClass
GetEnvironmentVariableA
lstrcmpA
LeaveCriticalSection
EnumResourceNamesW
TlsSetValue
GetStringTypeA
LoadLibraryW
RaiseException
UnmapViewOfFile
lstrcpyA
DeleteCriticalSection
GetCurrentProcess
MapViewOfFile
IsDBCSLeadByte
GetThreadPriority
ExitThread
SetLastError
GetModuleFileNameA
GetLastError
RtlUnwind
InterlockedIncrement
GetModuleHandleA
WritePrivateProfileStringA
GetTempPathA
TerminateProcess
InitializeCriticalSection
GetCommandLineA
ExitProcess
TlsAlloc
GetStringTypeW
GetTickCount
SetUnhandledExceptionFilter
InterlockedDecrement
CloseHandle
CompareStringA
GetFullPathNameW
GlobalUnlock
CreateThread
LCMapStringA
GetEnvironmentStrings
SetEvent
UnhandledExceptionFilter
FreeLibrary
GetFullPathNameA
ResetEvent
EnterCriticalSection
HeapDestroy
GetCurrentThreadId
ExitProcess
GetUserDefaultLCID
GetStdHandle
CreateSemaphoreA
SetStdHandle
CompareStringW
FileTimeToLocalFileTime
SetHandleCount
GetProcAddress
CreateFileMappingA
lstrcmpW
IsBadReadPtr
SetEnvironmentVariableA
advapi32
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
msimg32
AlphaBlend
TransparentBlt
user32
GetKeyState
CharUpperA
CharNextA
wsprintfW
MessageBoxA
wsprintfA
CharLowerA
shlwapi
PathAddBackslashA
Sections
.text Size: 136KB - Virtual size: 136KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ