b562b2f94a3faeeb9412e92500c8271d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b562b2f94a3faeeb9412e92500c8271d_JaffaCakes118
Size

72KB
MD5

b562b2f94a3faeeb9412e92500c8271d
SHA1

94b6585af93139e39f4d3114e481d39f8f28f79c
SHA256

1b0a62ffc4286ec9e4a57e850740f1a611de54be63b925af1e0240ac49466206
SHA512

b0181d30fa9ac7b55e09196a27857e721f4f9f33fdb283d669fae087f4d823632f5a273ceac558afadc9c1b933bd003a9935d59473ae880cfc3c5cf9f8967698
SSDEEP

768:AQmtDdP593mVZFDUGbATi48icErFYIWpstX0JbbV7iX/Ke0oH:Xwd73mzFDUGETminHtU/kPKa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b562b2f94a3faeeb9412e92500c8271d_JaffaCakes118

Files

b562b2f94a3faeeb9412e92500c8271d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1672f8cf209d07eb2bf0b464beeb5a08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
lstrcpyA
FileTimeToDosDateTime
FindClose
FindFirstFileA
GetFileAttributesA
lstrlenA
GetLastError
CreateDirectoryA
DeleteFileA
SetFileAttributesA
CreateFileA
CloseHandle
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFilePointer
GlobalFree
lstrcatA
WritePrivateProfileSectionA
GetPrivateProfileSectionA
GetWindowsDirectoryA
GetShortPathNameA
MoveFileExA
LeaveCriticalSection
EnterCriticalSection
lstrcmpiA
GetModuleFileNameA
DeleteCriticalSection
InitializeCriticalSection
GetVersionExA
GetPrivateProfileStringA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
ReadFile
TlsAlloc
SetStdHandle
FlushFileBuffers
InterlockedIncrement
InterlockedDecrement
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
GlobalAlloc
SetLastError
TlsGetValue
HeapCreate
VirtualAlloc
VirtualFree
CreateThread
GetCurrentThreadId
TlsSetValue
ExitThread
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
GetEnvironmentVariableA
FreeEnvironmentStringsA
HeapDestroy
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
RtlUnwind
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType

user32

GetDlgItem
CharNextA
CharToOemA
DestroyWindow
LoadCursorA
RegisterClassA
CreateDialogParamA
LoadImageA
SendMessageA
ShowWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
DestroyIcon
GetClientRect
GetDesktopWindow
SetWindowPos
PostMessageA
LoadStringA
MessageBoxA
OemToCharA
DefDlgProcA
PostQuitMessage

shell32

ShellExecuteA

comctl32

ord17

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1672f8cf209d07eb2bf0b464beeb5a08

Headers

File Characteristics

Imports

kernel32

user32

shell32

comctl32

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 28KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 28KB

.rsrc
Size: 4KB - Virtual size: 3KB