a98f9212464d06f783b32c7e5fd67781_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a98f9212464d06f783b32c7e5fd67781_JaffaCakes118
Size

548KB
MD5

a98f9212464d06f783b32c7e5fd67781
SHA1

c5b74dc0b275bb99a5a6545d0840d2880e3fc043
SHA256

239251915cc1bcb1bac4902fe4b2fec2808a7aa811e7e598433830bd4aeba8e3
SHA512

43344ad615dbb91b7c932f4a38ac075f8402051b54128afc18f95d23c9d958d7cc3c65ae760a75797a551ff6f7c9ec0f0fb2b23ebd7fd70cdd785723ff282e49
SSDEEP

12288:z7BOlSluTkYsbKI1Z3Oq6CdkzOEZsYuow/AlcQ87tMy:zdPlu4mk3LNdcOGnuoc0cQ87tM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a98f9212464d06f783b32c7e5fd67781_JaffaCakes118

Files

a98f9212464d06f783b32c7e5fd67781_JaffaCakes118
.exe windows:5 windows x86 arch:x86

514f56a631944f0e24f6330af1e71ddb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
GetCurrentThread
InterlockedCompareExchange
HeapSize
GetCPInfo
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
VirtualFree
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GlobalFree
lstrlenA
GetSystemInfo
UnmapViewOfFile
LCMapStringW
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
ExpandEnvironmentStringsA
DuplicateHandle
FindNextFileA
CompareStringA
lstrcpyA
FindFirstFileA
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
SetEvent
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetHandleCount
GetSystemTime
EnterCriticalSection
HeapFree
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
GlobalAlloc
GetVersion
SetFilePointer
SetEnvironmentVariableA
GetSystemDirectoryA
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
CreateMutexA
MultiByteToWideChar
TlsGetValue
UnhandledExceptionFilter
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
SetLastError
OutputDebugStringA
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
FormatMessageW
LocalFree
GetExitCodeProcess
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetCommandLineA
GetSystemTimeAsFileTime
InterlockedExchange
GetStringTypeA
WideCharToMultiByte
lstrcmpiA
GetTempPathA
SetStdHandle
FreeEnvironmentStringsW
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetLocalTime
GetFileAttributesW
HeapDestroy
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetStdHandle
GetEnvironmentVariableA
RtlUnwind
ReadFile
CloseHandle
GetACP
GetModuleHandleW
SizeofResource
CreateProcessA
IsValidCodePage
HeapCreate
WriteFile
CreateProcessW
Sleep
FindResourceA
VirtualAlloc
TerminateProcess
GetOEMCP

user32

GetWindowRect
GetSystemMetrics
BeginPaint
SetFocus
CreateWindowExA
GetWindowLongA
RegisterClassA
EnableMenuItem
GetWindow
IsWindowEnabled
TranslateMessage
SetWindowPos
EnableWindow
SetCapture
ShowWindow
FillRect
UpdateWindow
GetParent
GetMessageA
PtInRect
GetClientRect
UnregisterClassA
GetDC
IsWindow
LoadBitmapA
PostQuitMessage
DestroyWindow
SetWindowLongA
SetWindowTextA
SetTimer
GetDlgItem
LoadCursorA
TrackPopupMenu
GetDesktopWindow
GetFocus
GetSysColor
IsWindowVisible
InvalidateRect
SendMessageA
ReleaseDC
SetCursor
PostMessageA

gdi32

GetStockObject
DeleteDC
GetDeviceCaps
SetTextColor
SetBkColor
BitBlt
CreateCompatibleDC
SelectObject
DeleteObject
CreateSolidBrush

advapi32

RegQueryValueExA
RegCreateKeyExA
RegCloseKey

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 488KB - Virtual size: 486KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

514f56a631944f0e24f6330af1e71ddb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 488KB - Virtual size: 486KB

.data Size: 28KB - Virtual size: 29KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 488KB - Virtual size: 486KB

.data
Size: 28KB - Virtual size: 29KB

.rsrc
Size: 4KB - Virtual size: 1KB