ab1e3a331e841837e1675ca4619d5d71_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ab1e3a331e841837e1675ca4619d5d71_JaffaCakes118
Size

552KB
MD5

ab1e3a331e841837e1675ca4619d5d71
SHA1

390b4bf57c679843827c942edb5549f5677600b7
SHA256

dc7535604da6efbaa72bd018243f36d887e886be9fb7733dd2d175fd0d70c0e5
SHA512

d6ccb69f3c2d72ff2a0e6335dd70ccda881ec003a9f8469be6418192cad495c583075a82c1f37e4bcc288edaa33c23aa8ac717c03dae93aee6de926f94cc3ff1
SSDEEP

12288:7GEdMqPLSSLMJKNLntXcK2733z2V/P++oLejJgRnXBqOzv3o+6:7GqMqPFLnL5chb3z2VH+1ajJun8OT3z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab1e3a331e841837e1675ca4619d5d71_JaffaCakes118

Files

ab1e3a331e841837e1675ca4619d5d71_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d0de07a0f35e5f6133e72d7c2ddac38e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteKeyA

kernel32

VirtualAlloc
VirtualFree
UnmapViewOfFile
IsValidCodePage
GetEnvironmentStrings
GetModuleHandleW
GetACP
FindFirstFileA
SetFilePointer
RaiseException
Sleep
HeapSize
GetCommandLineW
GetCurrentProcessId
SizeofResource
lstrlenW
GlobalUnlock
LCMapStringA
GlobalFree
lstrlenA
LCMapStringW
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
GetFileType
CreateEventA
CreateEventW
FindFirstFileW
CreateFileMappingA
CompareStringA
FindNextFileW
GetProcessHeap
GetProcAddress
CreateDirectoryA
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
GetVersionExW
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
CloseHandle
InterlockedIncrement
GetCurrentThreadId
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
GetSystemDirectoryA
SetUnhandledExceptionFilter
CreateThread
GetLocalTime
InterlockedDecrement
UnhandledExceptionFilter
GetModuleFileNameA
GetVersionExA
HeapAlloc
IsDebuggerPresent
InitializeCriticalSection
TlsGetValue
LoadResource
GetEnvironmentVariableA
LocalFree
GetOEMCP
GetFullPathNameA
GetCommandLineA
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
WideCharToMultiByte
GetLocaleInfoW
SetErrorMode
GetLocaleInfoA
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
WaitForSingleObject
GetFileAttributesA
ReleaseMutex
GetStdHandle
GetModuleHandleA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsSetValue
SetLastError
HeapDestroy
HeapCreate
RtlUnwind
GetCPInfo
HeapReAlloc
MultiByteToWideChar
GetStringTypeW

user32

SetCursor
GetFocus
GetClientRect
SendMessageA
SystemParametersInfoA
GetSysColor
EndDialog
GetDlgItem
wsprintfA
SetWindowLongA
GetWindowRect
KillTimer
BeginPaint
SetFocus
EndPaint
SetTimer
GetWindowLongA
EnableMenuItem
LoadStringA
GetWindow
IsWindowEnabled
TranslateMessage
EnableWindow
DestroyWindow
GetActiveWindow
ReleaseDC
SetWindowPos
PostQuitMessage
SetForegroundWindow

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 520KB - Virtual size: 516KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0de07a0f35e5f6133e72d7c2ddac38e

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.text Size: 24KB - Virtual size: 20KB

.data Size: 520KB - Virtual size: 516KB

.rsrc Size: 4KB - Virtual size: 688B

.text
Size: 24KB - Virtual size: 20KB

.data
Size: 520KB - Virtual size: 516KB

.rsrc
Size: 4KB - Virtual size: 688B