b1bc212c00703ef6fe2d32981a3ba87a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b1bc212c00703ef6fe2d32981a3ba87a_JaffaCakes118
Size

156KB
MD5

b1bc212c00703ef6fe2d32981a3ba87a
SHA1

2166f2a5bedc394edb7dfa32b0e29a84bf50bb25
SHA256

b9a5ead0f4190b3de17ff0f2d590b945245fc5464e045ead7481cdfac803c2a1
SHA512

04ae52e34741f8d41c1f328ba310b49ef1639d0812d183c72ad0f0a82de1618eb4fe350ba43611a9e0dfa32df0e3d9fa326f77fad5360c497dcb283acc80f427
SSDEEP

3072:YTElF/98jW6XWboUhFRQSVazc3vTmv1At55UN5STeR9R7R0m1rRK:YTmFmmTGSgI3vk1At5y72m1A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1bc212c00703ef6fe2d32981a3ba87a_JaffaCakes118

Files

b1bc212c00703ef6fe2d32981a3ba87a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58e902619e8d492becfdd9b0d32234f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
InterlockedIncrement
lstrlenW
MultiByteToWideChar
lstrlenA
InitializeCriticalSection
GetShortPathNameA
GetModuleHandleA
GetModuleFileNameA
WideCharToMultiByte
FreeLibrary
SizeofResource
lstrcmpiA
GetCommandLineA
GetLastError
LoadLibraryExA
lstrcpynA
IsDBCSLeadByte
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
LeaveCriticalSection
EnterCriticalSection
CreateProcessA
GetCurrentThreadId
CreateThread
Sleep
CreateEventA
InterlockedDecrement
WaitForSingleObject
CloseHandle
LoadResource
FindResourceA
SetEvent
GetVersionExA
HeapCreate
GetStringTypeW
GetStringTypeA
RtlUnwind
TerminateProcess
GetACP
GetCPInfo
WriteFile
TlsGetValue
SetLastError
HeapFree
HeapAlloc
HeapReAlloc
GetStartupInfoA
GetVersion
ExitProcess
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
VirtualFree
VirtualAlloc
GetOEMCP
GetEnvironmentStrings
GetEnvironmentStringsW
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
TlsSetValue
SetHandleCount
GetStdHandle
GetFileType
TlsAlloc

user32

PostThreadMessageA
GetMessageA
CharNextA
DispatchMessageA
WaitForInputIdle

advapi32

RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumValueA
RegSetValueExA

ole32

CoTaskMemAlloc
CoCreateInstance
CoRevokeClassObject
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
CoInitializeSecurity
CoUninitialize
CoRegisterClassObject

oleaut32

SysAllocString
SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysFreeString

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58e902619e8d492becfdd9b0d32234f9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 13KB

.rsrc Size: 104KB - Virtual size: 101KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 13KB

.rsrc
Size: 104KB - Virtual size: 101KB