Static task: static1

Behavioral task: behavioral1
Sample: aabd5ad4373014483e8fb7d0eb1f568e_JaffaCakes118.exe
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: aabd5ad4373014483e8fb7d0eb1f568e_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: aabd5ad4373014483e8fb7d0eb1f568e_JaffaCakes118
Size: 190KB
MD5: aabd5ad4373014483e8fb7d0eb1f568e
SHA1: 7ff947d46b168dda05534f552b05f667f9793f7b
SHA256: 794e8eb2b27a8b2aa4171011b13a471c192d16a48d533821fc8ce90e6226e999
SHA512: 56359e1fb9a7c165b40d4266ef2ba4b5df4cf6f0858b1dda3f973fd49143710b942b5c47f62173185e33234fc76be5b6804c6ae2da0ebd86b5ab0b92fa1186f2
SSDEEP: 3072:WLTEU/lAEHA3q4KH7zlUj4gDas9juhQCW9hVJ57XLpOg0WUurPwQEJUdsbT8U8d:WsUdAEHN4Kfl6jdX/jJ9XlOgl5PwdmuG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource aabd5ad4373014483e8fb7d0eb1f568e_JaffaCakes118
Files
aabd5ad4373014483e8fb7d0eb1f568e_JaffaCakes118.exe windows:4 windows x86 arch:x86
48878cdbbc760ee8d9efca5c6dadf7b2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFindExtensionA
kernel32
GetSystemTimeAsFileTime
IsBadWritePtr
FlushFileBuffers
lstrcpynA
LoadLibraryA
MultiByteToWideChar
IsBadReadPtr
VirtualProtect
SetHandleCount
GetProcAddress
HeapCreate
GetModuleFileNameA
InterlockedDecrement
FreeEnvironmentStringsA
lstrlenA
TlsGetValue
SetHandleInformation
GetCommandLineA
TlsAlloc
HeapAlloc
SetLastError
HeapSize
InterlockedExchange
lstrcmpiA
WriteFile
DeleteCriticalSection
GetCurrentProcess
CloseHandle
TransmitCommChar
LCMapStringA
lstrcatA
UnhandledExceptionFilter
GetEnvironmentStrings
TlsFree
FreeEnvironmentStringsW
GetModuleHandleA
GetEnvironmentStringsW
VirtualQuery
SetStdHandle
VirtualFree
SetFilePointer
GetStartupInfoA
lstrcpyA
VirtualAlloc
EnumResourceNamesW
MulDiv
LCMapStringW
TlsSetValue
GetCPInfo
QueryPerformanceCounter
LockResource
EnterCriticalSection
GetThreadLocale
GetStringTypeA
RtlUnwind
GetProcessHeap
DisableThreadLibraryCalls
SizeofResource
InterlockedIncrement
LoadLibraryExA
GetLastError
GetFileType
GetSystemInfo
GetVersionExA
FlushInstructionCache
GetLocaleInfoA
GetTickCount
GetACP
LeaveCriticalSection
ExitProcess
LoadResource
WideCharToMultiByte
RaiseException
SetUnhandledExceptionFilter
IsBadCodePtr
GetOEMCP
IsDBCSLeadByte
GetStdHandle
HeapDestroy
TerminateProcess
InitializeCriticalSection
HeapReAlloc
lstrlenW
FindResourceA
FreeLibrary
GetStringTypeW
GetCurrentThreadId
ExitProcess
GetCurrentProcessId
HeapFree
advapi32
RegDeleteValueA
RegCreateKeyExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
RegSetValueExA
RegQueryInfoKeyA
ole32
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
StringFromGUID2
CoTaskMemRealloc
user32
IsDlgButtonChecked
ShowWindow
UnregisterClassA
CheckDlgButton
EnableWindow
SendMessageA
IsDialogMessageA
IsWindow
DestroyWindow
SetDlgItemTextA
GetDlgItem
GetDlgItemTextA
CreateDialogParamA
MoveWindow
WinHelpA
GetDC
GetDialogBaseUnits
ReleaseDC
SetWindowLongA
CharNextA
msimg32
AlphaBlend
TransparentBlt
gdi32
GetDeviceCaps
DeleteObject
GetTextExtentPointA
GetTextMetricsA
SelectObject
CreateFontIndirectA
Sections
.text Size: 141KB - Virtual size: 140KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 43KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ