b130a02370f6c4f01a023df4271e1e88_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b130a02370f6c4f01a023df4271e1e88_JaffaCakes118
Size

623KB
MD5

b130a02370f6c4f01a023df4271e1e88
SHA1

c0060fccbe98b96d543d69eda82d37ccf9bb6148
SHA256

ba0da2419bcb50a9ba388d5724b481adf14192f75178cc49a0bc487d45b4b4a5
SHA512

21f2766636b811d755897d3644044589ebc2b5705c23a2775445e47492374ef3222fd1839d9f1328bc5823da67ea44c0a1f2a6a9fb4884f0ce76d71c4a2626e4
SSDEEP

12288:TYvFZaOajhcfSeGwT7i9zmvKDwHKAC6liBwva5T+ICQMay1:TYvFM1uRS9zmTqAcBwv4dGay1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b130a02370f6c4f01a023df4271e1e88_JaffaCakes118

Files

b130a02370f6c4f01a023df4271e1e88_JaffaCakes118
.exe windows:5 windows x86 arch:x86

de10069f66a2a4cf9b4bc3579f31c431

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostQuitMessage
IsWindow
DispatchMessageA
GetDC
DestroyWindow
ShowWindow
EnableWindow
PeekMessageA
TranslateMessage
LoadStringA
GetWindowLongA
ReleaseDC
EndPaint
SetFocus
BeginPaint
DefWindowProcA
GetWindowRect
SetWindowLongA
GetDlgItem
LoadCursorA
GetDesktopWindow
SetForegroundWindow
EndDialog
GetSysColor
SystemParametersInfoA
InvalidateRect
SetCursor

kernel32

GetOEMCP
RtlUnwind
GetLastError
TlsGetValue
TlsAlloc
GetFileType
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetVersion
GetStdHandle
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
SetEndOfFile
VirtualAlloc
Sleep
VirtualFree
HeapCreate
WideCharToMultiByte
SizeofResource
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCommandLineA
HeapSize
GetCurrentDirectoryA
LockResource
GetCurrentProcessId
GetEnvironmentStrings
RemoveDirectoryA
GlobalAlloc
GetThreadLocale
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
LCMapStringW
LeaveCriticalSection
ExitProcess
TlsSetValue
CreateFileW
FindFirstFileW
CompareStringA
FindNextFileW
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
GetTickCount
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
InterlockedIncrement
GetCurrentThreadId
VirtualQuery
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
MultiByteToWideChar
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
InitializeCriticalSection
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
GetEnvironmentVariableA
LocalFree
FreeLibrary
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
GetStringTypeA
GetCPInfo
SetStdHandle
CreateFileA
lstrcatA
LocalAlloc
GetLocaleInfoA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetLocalTime
GetFileAttributesW
HeapDestroy

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 598KB - Virtual size: 597KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de10069f66a2a4cf9b4bc3579f31c431

Headers

File Characteristics

Imports

user32

kernel32

advapi32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 598KB - Virtual size: 597KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 598KB - Virtual size: 597KB

.rsrc
Size: 4KB - Virtual size: 4KB