aea28b49d5f9d7f5afb33f345c6257d3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aea28b49d5f9d7f5afb33f345c6257d3_JaffaCakes118
Size

596KB
MD5

aea28b49d5f9d7f5afb33f345c6257d3
SHA1

ab477667d1df6d3325716cb7b85aff549bcd7bc2
SHA256

c8f6f858d25f862ee05bfb3bbc7d34e230230781f93339f0c0f6be3b57f18766
SHA512

744b26bb4e1888006acfd333ef2aec2c89c71952e1a8740f0a347949ddbcf7a9f541ee74a2e6210e7191df5d8f1bc3b42ea4baf29b7fe44d4c5d5a7ae92191ac
SSDEEP

12288:B1i3xsp2XN0ZM5P3Jp+1DUxwCXBvyToXwzg3zQHj4J/:mB92+5/Jp+1DUxFWoXEkyjQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aea28b49d5f9d7f5afb33f345c6257d3_JaffaCakes118

Files

aea28b49d5f9d7f5afb33f345c6257d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b27cfc7c63c007c208b35507b7714781

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
LockResource
GetCurrentProcessId
WritePrivateProfileStringA
GetEnvironmentStrings
FileTimeToLocalFileTime
VirtualFree
Sleep
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
UnmapViewOfFile
LoadLibraryExW
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
GetProcAddress
FindFirstFileW
CreateFileMappingA
ResetEvent
CompareStringA
FindFirstFileA
lstrcmpA
FreeEnvironmentStringsW
CompareStringW
GetProcessHeap
WaitForMultipleObjects
DeleteFileW
SetEvent
SetErrorMode
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
LCMapStringW
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetCPInfo
GetLocaleInfoA
SetEndOfFile
CreateEventW
GlobalAlloc
GetVersion
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
MultiByteToWideChar
InterlockedDecrement
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
VirtualProtect
GetModuleFileNameW
GetEnvironmentVariableA
SetLastError
FormatMessageA
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
FormatMessageW
LocalFree
GetExitCodeProcess
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
WideCharToMultiByte
GetTempPathA
SetStdHandle
GetLocaleInfoW
ReleaseMutex
ExpandEnvironmentStringsA
lstrcatA
LocalAlloc
GetConsoleMode
GetCurrentDirectoryA
GetStartupInfoW
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetLocalTime
GetFileAttributesW
HeapDestroy
FindNextFileA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
lstrlenW
GetConsoleOutputCP
GetStdHandle
HeapSize
GetCommandLineA
InterlockedCompareExchange
GetCurrentThread
RaiseException
MapViewOfFile
TlsFree
SetFilePointer
ReadFile
CloseHandle
GetACP
GetModuleHandleW
SizeofResource
CreateProcessA
HeapCreate
CreateProcessW
VirtualAlloc
GetCurrentThreadId
GetOEMCP

user32

SetWindowLongA
SetCapture
GetWindowRect
GetSystemMetrics
DefWindowProcA
KillTimer
BeginPaint
SetFocus
SetTimer
GetWindowLongA
RegisterClassA
EnableMenuItem
DispatchMessageA
LoadStringA
GetWindow
IsWindowEnabled
TranslateMessage
SetWindowPos
EnableWindow
ShowWindow
FillRect
EndDialog
GetParent
GetMessageA
DestroyWindow
GetKeyState
GetCursorPos
GetDC
PostMessageA
PeekMessageA
EndPaint
IsWindow
PostQuitMessage
SetForegroundWindow
GetDlgItem
ScreenToClient
LoadCursorA
LoadIconA
TrackPopupMenu
GetSystemMenu
ReleaseDC
SetDlgItemTextA
MessageBoxA
SetWindowTextA
wsprintfA
UpdateWindow
GetSysColor
SystemParametersInfoA
IsWindowVisible
DrawTextA
InvalidateRect
SendMessageA
GetClientRect
GetFocus
SetCursor
CreateWindowExA

gdi32

BitBlt
SetBkColor
DeleteObject
GetDeviceCaps
DeleteDC
CreateCompatibleDC
SelectObject
CreateSolidBrush

oleaut32

SysStringLen
VariantClear

advapi32

RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyExW
RegQueryValueExA
RegCreateKeyExA
RegQueryValueExW
RegSetValueExA
RegDeleteValueA
RegCloseKey

Sections

giukuiw
Size: 595KB - Virtual size: 594KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b27cfc7c63c007c208b35507b7714781

Headers

File Characteristics

Imports

kernel32

user32

gdi32

oleaut32

advapi32

Sections

giukuiw Size: 595KB - Virtual size: 594KB

.bss Size: - Virtual size: 1KB

giukuiw
Size: 595KB - Virtual size: 594KB

.bss
Size: - Virtual size: 1KB