ad97df0f3a1d37671c7998eae4a98da3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ad97df0f3a1d37671c7998eae4a98da3_JaffaCakes118
Size

337KB
MD5

ad97df0f3a1d37671c7998eae4a98da3
SHA1

dff789c03f8aeb4a34cfd1295b719797a05fa5c5
SHA256

61ba234061f8376c21ffbc8be108b73afa5e2946ad9b3e1bf0a4948ee84ac5f4
SHA512

7ac61b11861b71390846bb1c40bb6b5df835fa9b5d7baf3deb3159d0b6fceadbde617aebeeecf42921b6a938df7ed6cf3fcc842aaed7b7bc6cb38a052d8941b7
SSDEEP

6144:j5SThLU8rOEM7Af/vuFdqSXpzdIJpsx85haZ5kpFiRMSimDs6voqCpQ/u:jUyNAf/gqCpzesKWqNSLDsSoq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad97df0f3a1d37671c7998eae4a98da3_JaffaCakes118

Files

ad97df0f3a1d37671c7998eae4a98da3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7adc4fcd9261d4a3676c2195845b6c88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA
OpenProcessToken
RegDeleteValueA
RegDeleteValueW
RegCreateKeyExA
RegQueryValueExA
GetTokenInformation
RegOpenKeyExA
RegCloseKey

kernel32

GetModuleHandleW
GetACP
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
GetCommandLineA
HeapSize
GetCPInfo
lstrlenW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
Sleep
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
UnmapViewOfFile
LCMapStringW
LoadLibraryExW
InitializeCriticalSection
GetLastError
InterlockedIncrement
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
RemoveDirectoryA
GlobalLock
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
ResetEvent
FindNextFileW
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileW
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
TlsAlloc
FindResourceA
QueryPerformanceCounter
SetEvent
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
SetCurrentDirectoryA
LeaveCriticalSection
GetCurrentThreadId
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
CreateMutexA
MultiByteToWideChar
UnhandledExceptionFilter
GetModuleFileNameA
GetVersionExA
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
InterlockedDecrement
SetLastError
FormatMessageA
TlsGetValue
FindClose
FindFirstFileW
LoadResource
GetEnvironmentVariableA
GetExitCodeProcess
FormatMessageW
LocalFree
FreeLibrary
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
LoadLibraryW
WideCharToMultiByte
GetTempPathA
SetStdHandle
FreeEnvironmentStringsW
SetErrorMode
lstrcatA
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetCommandLineW
HeapDestroy
SetEndOfFile
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
SizeofResource
CreateProcessA
IsValidCodePage
HeapCreate
VirtualFree
VirtualAlloc
GetOEMCP
CompareStringA
GetTickCount

oleaut32

SysStringLen
SysAllocString

ole32

CoCreateInstance
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree

user32

GetWindowRect
GetSystemMetrics
DefWindowProcA
BeginPaint
SetFocus
EndPaint
ReleaseDC
DispatchMessageA
CreateWindowExA
GetWindowLongA
RegisterClassA
IsIconic
LoadStringA
GetWindow
wsprintfA
EnableWindow
ShowWindow
ReleaseCapture
GetParent
GetMessageA
DestroyWindow
TranslateMessage
GetDC
IsWindow
SetWindowPos
PostQuitMessage
DestroyMenu
MoveWindow
SetCursor
GetDlgItem
ScreenToClient
LoadCursorA
LoadIconA
GetDesktopWindow
SetWindowLongA
UpdateWindow
SetWindowTextA
GetCursorPos
EndDialog
SetDlgItemTextA
MessageBoxA
GetSysColor
EnableMenuItem
IsWindowVisible
InvalidateRect
SendMessageA
GetClientRect
CallWindowProcA
PeekMessageA
GetFocus

gdi32

SelectObject
SetTextColor
GetStockObject
SetBkColor
GetDeviceCaps
DeleteObject
BitBlt
CreateSolidBrush

msvcrt

_strcmpi
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
exit
free
_controlfp
__set_app_type
_except_handler3
__p__fmode

Sections

.text
Size: 326KB - Virtual size: 325KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7adc4fcd9261d4a3676c2195845b6c88

Headers

File Characteristics

Imports

advapi32

kernel32

oleaut32

ole32

user32

gdi32

msvcrt

Sections

.text Size: 326KB - Virtual size: 325KB

.data Size: 6KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 326KB - Virtual size: 325KB

.data
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 4KB