ae1611f1411d1a0949604576623b15dc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ae1611f1411d1a0949604576623b15dc_JaffaCakes118
Size

172KB
MD5

ae1611f1411d1a0949604576623b15dc
SHA1

8d47e3f8e3e17bd466925d0cebc8a84d3910bc36
SHA256

d89cf61e0e8fee449d6619ebbef226c1c9db689083a8f1b90355919f28884d3d
SHA512

097781e4da1f3ae9e7a619cbb9357802ae5e2e7bace63f87edb16e2bd62fd637959e712f932c214192acf4f1baef74de2d2401da6564ac2cffd02bfa7cab412b
SSDEEP

1536:op/bfWQdLnxoL0Sa4PB0UsOQurR3IMKEq4ct5NZb:oVeQALWzmzrFINEq4ct5NZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae1611f1411d1a0949604576623b15dc_JaffaCakes118

Files

ae1611f1411d1a0949604576623b15dc_JaffaCakes118
.exe windows:1 windows x86 arch:x86

1c6bd7ab92c3d16f273248da089091be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
HeapReAlloc
HeapReAlloc
SetEvent
VirtualFree
GetCurrentProcessId
FormatMessageW
GetStartupInfoW
WideCharToMultiByte
lstrlenW
HeapAlloc
GetCommandLineW
Sleep
InitializeCriticalSection
GetVersionExA
ReadFile
InterlockedIncrement
GetCommandLineW
HeapReAlloc
GetModuleHandleW
SetEvent
Sleep
GetStartupInfoA
QueryPerformanceCounter
lstrlenW
lstrlenW
LocalAlloc
GetVersionExA
UnhandledExceptionFilter
lstrcpyW

user32

GetWindow
SetCursor
InvalidateRect
GetWindow
GetWindow
DrawTextW
GetWindow
IsWindow
MessageBoxW
FindWindowW
wsprintfW
GetDesktopWindow
GetWindowRect
GetDC
SetForegroundWindow

advapi32

RegSetValueExW
AllocateAndInitializeSid
GetLengthSid
AdjustTokenPrivileges
CloseServiceHandle
CloseServiceHandle
RegQueryValueExW
FreeSid
RegSetValueExW
RegOpenKeyExW

Sections

Size: 148KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�vmp0
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

�reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

�reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1c6bd7ab92c3d16f273248da089091be

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

Size: 148KB - Virtual size: 160KB

Size: 1024B - Virtual size: 4KB

Size: 1KB - Virtual size: 4KB

�vmp0 Size: 2KB - Virtual size: 2KB

�reloc Size: 1024B - Virtual size: 4KB

�reloc Size: 3KB - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�reloc Size: 3KB - Virtual size: 4KB

�reloc Size: 512B - Virtual size: 4KB

�reloc Size: 1KB - Virtual size: 4KB

�reloc Size: 1024B - Virtual size: 4KB

�reloc Size: 3KB - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�vmp0
Size: 2KB - Virtual size: 2KB

�reloc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 3KB - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB

�reloc
Size: 3KB - Virtual size: 4KB

�reloc
Size: 512B - Virtual size: 4KB

�reloc
Size: 1KB - Virtual size: 4KB

�reloc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 3KB - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB