a7fd83e22c7cb8b7a42cf5de2da5cfe6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a7fd83e22c7cb8b7a42cf5de2da5cfe6_JaffaCakes118
Size

260KB
MD5

a7fd83e22c7cb8b7a42cf5de2da5cfe6
SHA1

c50232502e26c02b3f9982c1a145f66046e2d9dc
SHA256

1d2d45754e2a255cbba51da5afe19c3e965bd836d3d0982f141c409a07830dc1
SHA512

931087fec7039d27a9eca0b94b5b0f9e2d9006af4b950a8078ab46c6820a8c06d0611cb50ee6a7470a82b9ba831c8f652ab78f6ced5aa232f14cb39c282e2d8e
SSDEEP

6144:zybm6a+mnFVVfpqRBW9pddQUYT548A9xfWFin8M:zSa+mnhCB6Qk8A+i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7fd83e22c7cb8b7a42cf5de2da5cfe6_JaffaCakes118

Files

a7fd83e22c7cb8b7a42cf5de2da5cfe6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7a42d90fe4d9311ebe511f925c060494

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegOpenKeyExA
RegQueryValueExA

kernel32

InterlockedDecrement
CompareStringA
CreateFileMappingA
InterlockedExchangeAdd
GetSystemTime
DeleteFileA
ConnectNamedPipe
GetFileAttributesA
lstrcmpW
MapViewOfFileEx
SetThreadIdealProcessor
FreeEnvironmentStringsA
HeapAlloc
GetThreadContext
OpenThread
GetUserDefaultUILanguage
lstrcpyA
HeapCreate
GetSystemDefaultLCID
HeapFree
RtlMoveMemory
HeapDestroy
MapViewOfFile
CreateNamedPipeA
GetThreadLocale
EnterCriticalSection
lstrcpynW
GetSystemTimes
FlushViewOfFile
GetFileTime
GetTickCount
UnmapViewOfFile
CreateFileA
CloseHandle
SetThreadPriority
GetCurrentProcessId
GetSystemTimeAdjustment
WaitForMultipleObjectsEx
PeekNamedPipe
CreateMutexA
SetThreadContext
GetUserDefaultLangID
RegisterWaitForSingleObject
ResetEvent
SystemTimeToFileTime
HeapReAlloc
DeleteCriticalSection
CreateIoCompletionPort
GetNamedPipeInfo
GetLocaleInfoA
ReadFile
lstrlenA
InterlockedPopEntrySList
CopyFileA
GetStringTypeA
InterlockedPushEntrySList
SetFilePointer
ConvertDefaultLocale
SetThreadLocale
InitializeCriticalSection
CallNamedPipeA
PostQueuedCompletionStatus
EncodePointer
OpenFileMappingA
IsValidLocale
SetLastError
ReadFileScatter
WriteFileEx
DecodePointer
EnumSystemLocalesA
GetFileAttributesExA
GetSystemDefaultLangID
VirtualAllocEx
SetFilePointerEx
lstrlenW
EnumSystemLanguageGroupsA
GetCurrentDirectoryA
RegisterWaitForSingleObjectEx
InterlockedFlushSList
GetEnvironmentStringsA
InterlockedIncrement
GetLocalTime
LeaveCriticalSection
GetThreadPriorityBoost
GetQueuedCompletionStatus

gdi32

GetStockObject
CreateCompatibleBitmap
CreateICW
LineTo
DeleteObject
GetDeviceCaps
CreateSolidBrush
CreateCompatibleDC
CreateRectRgn
PatBlt

msvcrt

_except_handler3
time
__setusermatherr
_acmdln
rand

user32

PostQuitMessage
wsprintfW
MessageBoxW
TranslateAcceleratorW
BeginPaint
DispatchMessageW
EnableMenuItem
LoadCursorW
RegisterClassW
GetClientRect
GetDesktopWindow
SendMessageW
SystemParametersInfoW
FlashWindow
DefWindowProcW
EndDialog
KillTimer

Sections

.text
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a42d90fe4d9311ebe511f925c060494

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

msvcrt

user32

Sections

.text Size: 173KB - Virtual size: 173KB

.data Size: 69KB - Virtual size: 69KB

.rsrc Size: 16KB - Virtual size: 552KB

.text
Size: 173KB - Virtual size: 173KB

.data
Size: 69KB - Virtual size: 69KB

.rsrc
Size: 16KB - Virtual size: 552KB