Static task: static1
Behavioral task: behavioral1
Sample: b1f73eb62b3aa9ea4488b4a7b5be8dd2_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: b1f73eb62b3aa9ea4488b4a7b5be8dd2_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: b1f73eb62b3aa9ea4488b4a7b5be8dd2_JaffaCakes118
Size: 160KB
MD5: b1f73eb62b3aa9ea4488b4a7b5be8dd2
SHA1: d4511de3d14d32938087b10a9e0e95159f3d7568
SHA256: 3483e99b11a000250d442cb447843260b3b9a7a4d380c3cb8e984049b5bcb83b
SHA512: 69ba38fb77248ac5919c68b55f0a84106e5cda6c11b21875a12e5751112d0dc30a834fb4f4469cf6089518c662c033206e81a31f48ae8cf1858eb3363662ff0f
SSDEEP: 3072:oCvWX+RbPkeBNNXwVm0vT7l+6wvVqZHssYC0u0gp7+tz9jRkQ4E+pC:oJX+58eBN/0vT7l+nvAOJgp7WRiQ4ET
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b1f73eb62b3aa9ea4488b4a7b5be8dd2_JaffaCakes118
Files
b1f73eb62b3aa9ea4488b4a7b5be8dd2_JaffaCakes118.exe windows:5 windows x86 arch:x86
61ca3cfcd8e565da52c2de6a27b530cc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
advapi32
RegQueryInfoKeyA
AllocateAndInitializeSid
RegQueryValueExA
RegCloseKey
RegDeleteValueA
EqualSid
LookupPrivilegeValueA
FreeSid
OpenProcessToken
RegCreateKeyExA
RegOpenKeyExA
GetTokenInformation
RegSetValueExA
AdjustTokenPrivileges
gdi32
GetDeviceCaps
kernel32
ReadFile
lstrcmpiA
GetProcAddress
LocalAlloc
_lclose
CloseHandle
WriteFile
GetModuleFileNameA
GlobalWire
ResetEvent
FindClose
WritePrivateProfileStringA
lstrcpyA
SetCurrentDirectoryA
GlobalAlloc
FindFirstFileA
SetFilePointer
GetCurrentProcess
GetSystemDirectoryA
GetVolumeInformationA
LoadResource
DeleteFileA
GlobalUnlock
GetDriveTypeA
GetSystemInfo
CreateDirectoryExW
RemoveDirectoryA
GetShortPathNameA
GetCurrentDirectoryA
GetPrivateProfileIntA
GlobalFree
FreeResource
CreateFileA
CreateEventA
CreateProcessA
_llseek
GetExitCodeProcess
GetPrivateProfileStringA
SetUnhandledExceptionFilter
IsDBCSLeadByte
SetFileTime
FreeLibrary
GetTempFileNameA
LocalFileTimeToFileTime
SetVolumeLabelA
GetStartupInfoA
GetDiskFreeSpaceA
ExitProcess
lstrlenA
SizeofResource
LoadLibraryExA
lstrcpynA
CreateMutexA
lstrcatA
CreateDirectoryA
FormatMessageA
UnhandledExceptionFilter
GetTempPathA
GetFileAttributesA
_lopen
GetLastError
LocalFree
GetVersionExA
CreateThread
FindResourceA
TerminateThread
ExpandEnvironmentStringsA
lstrcmpA
DosDateTimeToFileTime
GetCommandLineA
LockResource
FindNextFileA
GlobalLock
GetWindowsDirectoryA
EnumResourceLanguagesA
SetFileAttributesA
SetEvent
GetModuleHandleA
user32
ExitWindowsEx
SetWindowPos
EnableWindow
GetWindowLongA
GetDlgItemTextA
MessageBoxA
GetSystemMetrics
CallWindowProcA
CharUpperA
SetForegroundWindow
SetWindowTextA
SendMessageA
GetDesktopWindow
MsgWaitForMultipleObjects
CharPrevA
GetDlgItem
ReleaseDC
wsprintfA
DispatchMessageA
PeekMessageA
SendDlgItemMessageA
DialogBoxIndirectParamA
EndDialog
GetWindowRect
MessageBeep
CharNextA
ShowWindow
GetDC
SetDlgItemTextA
LoadStringA
SetWindowLongA
Sections
.text Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.glpe Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.edata Size: 141KB - Virtual size: 247KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ