b4d195cd21f9df1bc4675fb995638868_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b4d195cd21f9df1bc4675fb995638868_JaffaCakes118
Size

308KB
MD5

b4d195cd21f9df1bc4675fb995638868
SHA1

b586540c48e272bd6e17780a14c69f9f1bc06087
SHA256

57b893ea172aac94fc76a7e1a6841d9332ff79dc1be4313a70b56ed1e2f67593
SHA512

628c169230d14eb1b07192cd4e6698f3774c46801ff663e3ea403bf6a5b52c32c67d4a5860b058fc1ff537fd1bb04f37f7f56d818ca7d503cef167e6733ffb0e
SSDEEP

6144:sXMDqXG04LUF2/ZTa1IKGmroZUlnNW1Z0MK/fZx/8uRO7oW:5OWvA2he1IK7kZ2n4f0hx7Ec

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4d195cd21f9df1bc4675fb995638868_JaffaCakes118

Files

b4d195cd21f9df1bc4675fb995638868_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0f7a7d071777145f0255f2ea81a85bfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExW

oleaut32

SysAllocStringLen
VariantClear
SysAllocString

ole32

OleInitialize
OleUninitialize

gdi32

SetBkColor
BitBlt
DeleteObject
DeleteDC
GetStockObject
CreateCompatibleDC
CreateSolidBrush
SelectObject

kernel32

GetCurrentThread
GetUserDefaultLCID
GetUserDefaultLangID
GetSystemDefaultLangID
GetStdHandle
GetSystemDefaultLCID
GetOEMCP
VirtualAlloc
FindResourceA
IsBadReadPtr
Sleep
VirtualFree
UnmapViewOfFile
IsValidCodePage
WideCharToMultiByte
CreateProcessA
SizeofResource
GetModuleHandleW
GetACP
CloseHandle
SetEndOfFile
ReadFile
GetModuleHandleA
TlsFree
MapViewOfFile
RaiseException
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCurrentDirectoryA
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
FileTimeToLocalFileTime
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
FindResourceW
GlobalFree
lstrlenA
LCMapStringW
LoadLibraryExW
GetLastError
InterlockedIncrement
HeapAlloc
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
RemoveDirectoryA
GlobalLock
WaitForMultipleObjects
DuplicateHandle
FindFirstFileW
CompareStringA
FindFirstFileA
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileW
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
GetVersionExW
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapCreate
LeaveCriticalSection
GetCurrentThreadId
GetLocaleInfoA
CreateEventW
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
CreateMutexA
GetLocalTime
MultiByteToWideChar
TlsGetValue
UnhandledExceptionFilter
GetPrivateProfileStringA
LoadLibraryExA
GetModuleFileNameA
GetVersionExA
ExitProcess
IsDebuggerPresent
GetModuleFileNameW
GetEnvironmentVariableA
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
FormatMessageW
LocalFree
FreeLibrary
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetExitCodeProcess
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
GetCPInfo
GetTempPathA
SetStdHandle
FreeEnvironmentStringsW
SetErrorMode
ExpandEnvironmentStringsA
lstrcatA
LocalAlloc
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapFree
HeapDestroy
FindNextFileA
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP

user32

LoadCursorA
ScreenToClient
GetDlgItem
CreateWindowExA
wsprintfA
SetWindowTextA
SetWindowLongA
SetCapture
GetWindowRect
GetSystemMetrics
DefWindowProcA
KillTimer
BeginPaint
PeekMessageA
SetDlgItemTextA
DispatchMessageA
SetTimer
GetSubMenu
RegisterClassA
EnableMenuItem
GetWindow
IsWindowEnabled
LoadIconA
ShowWindow
FillRect
GetParent
DestroyWindow
ClientToScreen
GetDC
EndPaint
IsWindow
SetWindowPos
LoadBitmapA
PostQuitMessage
SetForegroundWindow
MessageBoxA
GetSysColor
PostMessageA
SystemParametersInfoA
InvalidateRect
SendMessageA
GetClientRect
CallWindowProcA
SetCursor
GetDesktopWindow
GetFocus
EnableWindow
EndDialog
ReleaseDC

msvcrt

_strcmpi
_onexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
__dllonexit

Sections

.text
Size: 292KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f7a7d071777145f0255f2ea81a85bfb

Headers

File Characteristics

Imports

advapi32

oleaut32

ole32

gdi32

kernel32

user32

msvcrt

Sections

.text Size: 292KB - Virtual size: 288KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 688B

.text
Size: 292KB - Virtual size: 288KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 688B