b7faf9550eaa1f2796c5f4ab2414df63_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b7faf9550eaa1f2796c5f4ab2414df63_JaffaCakes118
Size

153KB
MD5

b7faf9550eaa1f2796c5f4ab2414df63
SHA1

94597c545e78109e8bc7c01574df41c4edbe729a
SHA256

3a4f7f8daf4a303d05e904d13100d6b5e611c12e2cf7aa2b2ee30c8e55bbbaad
SHA512

f7a5ad2304365488e88fbcd8b709161014ad32c513a06c67863f530c263b0fd4c60bf31db4f1e97728e150c27c7261196c9eb6f256b6fae3b208d43879e55e37
SSDEEP

3072:marWMxC/l+HqM+wBK7kgdftsbtrYyjOB2Ejgo0QW0nfO1KVsNAnd5o:marWr9yJ+SK7vKrCljY0nZlE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7faf9550eaa1f2796c5f4ab2414df63_JaffaCakes118

Files

b7faf9550eaa1f2796c5f4ab2414df63_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f57d6fc995260aa639d8626219b3ad4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
TranslateMessage
DispatchMessageA
GetMessageA
PostMessageA
RegisterClassA
LoadCursorA
LoadIconA
LoadStringA
FindWindowA
DefWindowProcA
SendMessageA
DestroyWindow
PostQuitMessage
MessageBoxA
CreateWindowExA
UpdateWindow

advapi32

RegSetValueExA
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteKeyA

ole32

OleInitialize
OleUninitialize

kernel32

GetVersion
HeapAlloc
RaiseException
HeapReAlloc
CompareStringA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
LoadLibraryA
SetFilePointer
LCMapStringW
LCMapStringA
GetTimeZoneInformation
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
CloseHandle
CompareStringW
GetSystemDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryExA
RtlUnwind
GetLastError
FindFirstFileA
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
DeleteFileA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetEnvironmentStrings
HeapFree
SetUnhandledExceptionFilter
GetEnvironmentStringsW
WideCharToMultiByte
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetStdHandle
SetHandleCount
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
WriteFile
GetFileType
HeapDestroy
HeapCreate
VirtualFree

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f57d6fc995260aa639d8626219b3ad4b

Headers

File Characteristics

Imports

user32

advapi32

ole32

kernel32

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 15KB - Virtual size: 20KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 83KB - Virtual size: 84KB

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 15KB - Virtual size: 20KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 83KB - Virtual size: 84KB