ae7ce866a8eb401a17693a4c5f1b2114_JaffaCakes118

General

Target

ae7ce866a8eb401a17693a4c5f1b2114_JaffaCakes118
Size

86KB
MD5

ae7ce866a8eb401a17693a4c5f1b2114
SHA1

c9635e9e68f187602e0c4ad69a209b29ea18f58a
SHA256

4102042c0da5b60890bc84f8cb47ca4a733dff20a54f9ef4e0aef1cb4f68c7a0
SHA512

4dfa3ebccc4b99e3cd609e8b1a1adc307bc936d96974db7b89b66f39db6f63d0558839157478d1d30b7e267576e3c16ffcfd52de88ab4b7dac6100e02909f628
SSDEEP

1536:cPwNiNnxRnFE9/EySej09mXhyRcvaiNMm2+qvpQwmwR9Z7Ywl/DKKwmNh9ar82w5:cPwNUzFnm1PbVwmwRj/F2Kwvwn7/wtPI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae7ce866a8eb401a17693a4c5f1b2114_JaffaCakes118

Files

ae7ce866a8eb401a17693a4c5f1b2114_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cea2f555c37881a9052d3124d61056b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
SuspendThread
DeleteFileA
WinExec
ResumeThread
MoveFileExA
CreateThread
MultiByteToWideChar
lstrlenA
lstrlenW
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
WriteFile
DeleteCriticalSection
ReadFile
GetFileSize
CreateFileA
GetVolumeInformationA
GetProcAddress
FreeLibrary
LoadLibraryA
ReleaseMutex
WaitForSingleObject
WaitNamedPipeA
GetLastError
CreateMutexA
GetStartupInfoA
GetModuleHandleA
InitializeCriticalSection
GetTempPathA
GetSystemDirectoryA
CloseHandle
GetPrivateProfileStringA

user32

CharLowerA
SystemParametersInfoA
CharUpperA
ShowWindow
SendMessageA
SetCursorPos
ClientToScreen
FindWindowExA
RegisterWindowMessageA
SendMessageTimeoutA
FindWindowA
GetWindowThreadProcessId
mouse_event
SetForegroundWindow

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysAllocStringLen
SysStringLen
SysFreeString
VariantClear

msvcrt

__CxxFrameHandler
_stricmp
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
strncmp
strstr
srand
rand
sprintf
atoi
malloc
free
localtime
time
_strlwr
wcscmp
strncpy

netapi32

Netbios

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cea2f555c37881a9052d3124d61056b8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

msvcrt

netapi32

Sections

.text Size: 79KB - Virtual size: 78KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 3KB

.text
Size: 79KB - Virtual size: 78KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 3KB