Static task: static1
Behavioral task: behavioral1
Sample: b00414328307b67f960fd201873e2aa7_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: b00414328307b67f960fd201873e2aa7_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b00414328307b67f960fd201873e2aa7_JaffaCakes118
Size: 536KB
MD5: b00414328307b67f960fd201873e2aa7
SHA1: dc93b26e8545366380282b75c86dc2862f0c7323
SHA256: 2e2ac70b765906189900ade96e6069b2d7c79fb23c6090220753459499a94b6f
SHA512: e4c774bf78d4b62867654d8fddb82a4c74fd921c75290a4804eade606fee8589c560c496270c19143ef3a6e64bf59698470556df813b916aa593b8888df5ce58
SSDEEP: 12288:LI+KOduaf19g/qWPUACVDj5lgiV0ez24BwhilV1Xi6SPwZTMGv/z5:k+duad6UA4j5SiV0mwhi9Xi7wpMGz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b00414328307b67f960fd201873e2aa7_JaffaCakes118
Files
b00414328307b67f960fd201873e2aa7_JaffaCakes118.exe windows:4 windows x86 arch:x86
7615a652191f2f697155dc6b96c289ba
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegSetValueExA
RegCloseKey
RegDeleteValueW
RegOpenKeyExA
RegDeleteKeyA
oleaut32
SysStringLen
VariantInit
SysFreeString
VariantClear
kernel32
FindNextFileA
GetStartupInfoA
LeaveCriticalSection
GetEnvironmentStrings
InterlockedDecrement
QueryPerformanceCounter
SetLastError
WriteConsoleW
UnhandledExceptionFilter
SetEvent
FreeLibrary
GetVersionExA
GlobalUnlock
CloseHandle
HeapFree
GetSystemInfo
GetStringTypeA
GetStringTypeW
GetExitCodeProcess
LCMapStringA
CompareStringW
GlobalAlloc
GetCommandLineA
EnterCriticalSection
TlsFree
HeapDestroy
CreateFileW
SetStdHandle
GetProcessHeap
GetEnvironmentStringsW
GetCurrentThreadId
GetProcAddress
LoadLibraryA
TerminateProcess
CreateThread
GetFileAttributesA
VirtualAlloc
SetUnhandledExceptionFilter
GetThreadLocale
FindFirstFileW
FlushFileBuffers
HeapCreate
GetCurrentProcessId
SizeofResource
GetConsoleOutputCP
GetFileType
GetCurrentProcess
DeleteCriticalSection
GetOEMCP
LocalFree
LocalAlloc
LoadResource
FindResourceA
LoadLibraryW
GetModuleHandleA
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
WaitForSingleObject
GetWindowsDirectoryA
VirtualQuery
HeapSize
GetTimeZoneInformation
CreateFileA
HeapAlloc
ExitProcess
GetVersion
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetHandleCount
GetStdHandle
TlsSetValue
TlsAlloc
TlsGetValue
GetLastError
GetEnvironmentVariableA
VirtualFree
RtlUnwind
WriteFile
InterlockedIncrement
InitializeCriticalSection
GetCPInfo
GetACP
HeapReAlloc
LCMapStringW
user32
GetWindowLongA
InvalidateRect
GetClientRect
IsWindow
CallWindowProcA
EnableWindow
PeekMessageA
TranslateMessage
DestroyWindow
GetWindowRect
SendMessageA
ScreenToClient
GetSubMenu
SetCursor
LoadCursorA
UpdateWindow
IsWindowEnabled
GetDC
GetDesktopWindow
GetDlgItem
GetWindow
CreateWindowExA
Sections
.text Size: 88KB - Virtual size: 87KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 420KB - Virtual size: 421KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ