Static task: static1
Behavioral task: behavioral1
Sample: a83a36beb4ebf9c682ff1715cd2a5f7b_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: a83a36beb4ebf9c682ff1715cd2a5f7b_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: a83a36beb4ebf9c682ff1715cd2a5f7b_JaffaCakes118
Size: 190KB
MD5: a83a36beb4ebf9c682ff1715cd2a5f7b
SHA1: b1359ad3526421c6db786d960e49de263be1fa44
SHA256: 9f66d58724a90af055bf7714557906f6b65f72391054c3ba454b68da2020df39
SHA512: cd353f7e02c862ca9f203be74ab5eac65b4770b2e1c67f4a33c2ae24259e12d6dad08a5f649dc599790b581884a3098fe11af0b7654ddb0f5335b0b0a191e932
SSDEEP: 3072:/6lXOn6Nf9PO2RK4IgdMf1ZUUhkuZLsWUEsqor5dz6TehDOE6cMUFjzGYV3XQ0OR:/d63PD0GdIfUUhkuZgEzoryeFb6vUdzO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a83a36beb4ebf9c682ff1715cd2a5f7b_JaffaCakes118
Files
a83a36beb4ebf9c682ff1715cd2a5f7b_JaffaCakes118.exe windows:4 windows x86 arch:x86
2b47e62bfc0f398274ac770027bdf96a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
wsprintfW
wsprintfA
MessageBoxA
GetKeyState
CharUpperA
CharNextA
CharLowerA
msimg32
AlphaBlend
TransparentBlt
shlwapi
PathAddBackslashA
advapi32
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
kernel32
SetEvent
InterlockedDecrement
GetProcAddress
CompareStringW
SetHandleCount
HeapReAlloc
GetThreadIOPendingFlag
GetModuleHandleA
lstrcmpW
SetStdHandle
GetStringTypeA
GlobalAlloc
OutputDebugStringA
GetDiskFreeSpaceExA
WideCharToMultiByte
InterlockedExchange
GetTempFileNameA
LeaveCriticalSection
TlsFree
RaiseException
HeapDestroy
GetStringTypeW
FlushFileBuffers
GlobalFree
GetEnvironmentVariableA
HeapCreate
CreateSemaphoreA
TransmitCommChar
LCMapStringW
HeapAlloc
CreateFileW
UnmapViewOfFile
FreeLibrary
InitializeCriticalSection
GetEnvironmentStringsW
GetTempPathA
TlsAlloc
MapViewOfFile
SetLastError
ReleaseSemaphore
FreeEnvironmentStringsA
WriteFile
UnhandledExceptionFilter
DeleteCriticalSection
CreateMutexA
IsBadCodePtr
GetTickCount
GetOEMCP
GetPrivateProfileStringA
GetSystemTime
TerminateProcess
WritePrivateProfileStringA
FileTimeToSystemTime
ExitThread
IsDBCSLeadByte
InterlockedIncrement
EnterCriticalSection
EnumResourceNamesW
GetACP
GetCommandLineA
GetStdHandle
GetUserDefaultLCID
ExitProcess
GetCPInfo
LoadLibraryA
FreeEnvironmentStringsW
GetStartupInfoA
GetEnvironmentStrings
ExitProcess
MultiByteToWideChar
TlsGetValue
SetEndOfFile
FileTimeToLocalFileTime
TlsSetValue
CompareStringA
WaitForSingleObject
Sleep
lstrcpyA
GetFullPathNameW
IsBadReadPtr
CloseHandle
GetCurrentThreadId
CreateFileMappingA
CreateThread
GetLastError
GetModuleFileNameA
GetFileType
GetTimeZoneInformation
SetUnhandledExceptionFilter
GetCurrentProcess
GetThreadPriority
SetPriorityClass
IsBadWritePtr
RtlUnwind
HeapFree
GlobalUnlock
GetTempPathW
GetFullPathNameA
GetPriorityClass
LCMapStringA
ResetEvent
HeapSize
lstrcmpA
LoadLibraryW
SetEnvironmentVariableA
Sections
.text Size: 166KB - Virtual size: 165KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ