ad7edf384fec58711bca427c2801535d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ad7edf384fec58711bca427c2801535d_JaffaCakes118
Size

480KB
MD5

ad7edf384fec58711bca427c2801535d
SHA1

633cc09c5c646c108ca5e97fe764722116a3d932
SHA256

5613017ea477cb86f990ca149e46e59326b7f1a7892c6f1100b3b62fdd88cc9a
SHA512

8b49686016519233f3fe694261fd5676ae771ebb5a99b2956e95db0b49e04091758060f562b732ecdd3e6b0be8f9d8c3dae6d78418500a7a6083107cfc00e972
SSDEEP

12288:HOGl6lR9SSKDzI4pLE/0SQgOtxQ9+1wLSnVbKvBu/zf:uGl6ljSpD04q0f/Q9+6LSxKv8b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad7edf384fec58711bca427c2801535d_JaffaCakes118

Files

ad7edf384fec58711bca427c2801535d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa04b3365afa69156a41ea6e2e23323a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegSetValueExA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

DeleteFileA
GetStartupInfoA
IsDebuggerPresent
RaiseException
GetExitCodeProcess
FindNextFileA
UnmapViewOfFile
ReleaseMutex
GetSystemInfo
SetEndOfFile
ReadFile
LoadLibraryA
GetCommandLineA
InterlockedDecrement
GetStringTypeA
DeleteCriticalSection
SetEvent
SetLastError
FileTimeToSystemTime
IsValidCodePage
WriteConsoleW
VirtualAlloc
HeapReAlloc
QueryPerformanceCounter
FreeEnvironmentStringsW
SetStdHandle
CreateEventA
LoadLibraryExW
CreateMutexA
FlushFileBuffers
SetUnhandledExceptionFilter
GetStringTypeW
TlsFree
GetLocalTime
InterlockedCompareExchange
InterlockedExchange
UnhandledExceptionFilter
GetVersionExA
EnterCriticalSection
GetConsoleMode
CreateEventW
ResetEvent
InitializeCriticalSection
DeleteFileW
GetEnvironmentStringsW
Sleep
FindNextFileW
CreateFileW
GetProcessHeap
LCMapStringW
MulDiv
CompareStringW
LCMapStringA
lstrlenA
FreeEnvironmentStringsA
GetEnvironmentStrings
HeapCreate
GetTickCount
GlobalUnlock
LoadResource
FindResourceA
GetModuleHandleW
FindClose
TerminateProcess
FindFirstFileA
GetCommandLineW
WriteConsoleA
HeapAlloc
GetFileType
GetStdHandle
FormatMessageW
SizeofResource
GetLastError
GetModuleFileNameW
CreateThread
GetFileSize
LockResource
GetProcAddress
GetModuleHandleA
GetDiskFreeSpaceA
LeaveCriticalSection
GetStartupInfoW
GlobalAlloc
GetConsoleCP
VirtualFree
WaitForSingleObject
GetFileAttributesW
FreeLibrary
MapViewOfFile
HeapSize
GetFullPathNameA
GetTimeZoneInformation
CreateFileMappingA
CloseHandle
CreateFileA
GetCurrentThread
GetEnvironmentVariableA
GetCurrentDirectoryA
GetTempPathA
GetVersion
GetCPInfo
SetErrorMode
GetWindowsDirectoryA
GetACP
GetSystemTimeAsFileTime
CompareStringA
GetConsoleOutputCP
MultiByteToWideChar
RemoveDirectoryA
InterlockedIncrement
TlsAlloc
TlsGetValue
GetModuleFileNameA
FormatMessageA
LoadLibraryW
TlsSetValue
GlobalLock
GlobalFree
GetCurrentThreadId
LocalFree
LocalAlloc
VirtualQuery
SetHandleCount
GetLocaleInfoA
WideCharToMultiByte
lstrlenW
SetFilePointer
GetOEMCP
GetDriveTypeA
GetCurrentProcessId
GetThreadLocale
GetCurrentProcess
ExitProcess
HeapFree
CreateProcessA
WriteFile
HeapDestroy
FindFirstFileW

user32

PostQuitMessage
PostMessageA
ClientToScreen
EndDialog
UpdateWindow
ScreenToClient
SetWindowLongA
PeekMessageA
EnableMenuItem
GetSubMenu
SetForegroundWindow
InvalidateRect
IsIconic
EnableWindow
GetWindowRect
EndPaint
SendMessageA
GetWindowLongA
KillTimer
DestroyWindow
SetCursor
LoadCursorA
SetWindowTextA
DispatchMessageA
BeginPaint
CheckMenuItem
GetSystemMetrics
LoadStringA
MapWindowPoints
GetDesktopWindow
GetSysColor
ShowWindow
ReleaseDC
GetDC
GetDlgItem
GetFocus
MessageBoxA
GetWindow
GetParent
SetFocus
DefWindowProcA
SetWindowPos
TranslateMessage
GetClientRect
IsWindowVisible

gdi32

CreateCompatibleDC
DeleteDC
GetDeviceCaps
BitBlt
GetStockObject
SetBkColor
DeleteObject

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 400KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa04b3365afa69156a41ea6e2e23323a

Headers

File Characteristics

Imports

advapi32

version

kernel32

user32

gdi32

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 400KB - Virtual size: 398KB

.rsrc Size: 4KB - Virtual size: 736B

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 400KB - Virtual size: 398KB

.rsrc
Size: 4KB - Virtual size: 736B