b801eec59f3786e83924ced03e294fd1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b801eec59f3786e83924ced03e294fd1_JaffaCakes118
Size

820KB
MD5

b801eec59f3786e83924ced03e294fd1
SHA1

c14a04688d6c541f5092a3ec82e21330b5144bca
SHA256

49ccc21f2df077ae5b6b34ca350c410b2b857aa134f97a7ea52598b682314f74
SHA512

75df87ced0b2fad20ae8c344856ac5e50dca95790f104faf5e338d316920f2851f111b62fb2651b85cf39097224d1bf5c2b13fbeaa332bb9cf9fe3ec9af0da2c
SSDEEP

12288:jDOE3f97D6rDcMQSYDaWfFf7HYyQ9gpqaMsztZ2n05uCu8:jKaBD6rDoDaWN7Yy22qBcP2n05uCu8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b801eec59f3786e83924ced03e294fd1_JaffaCakes118

Files

b801eec59f3786e83924ced03e294fd1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

906067224c4001435aaf7d401e5e2cb3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

ReadFile
GetLastError
lstrcmpA
IsValidCodePage
CreateFileA
WriteFile
SetFilePointer
CloseHandle
GetProcAddress
FreeLibrary
GlobalLock
_lclose
OpenFile
GetDriveTypeA
CreateDirectoryA
GetFileAttributesA
RemoveDirectoryA
GetExitCodeProcess
GetSystemInfo
GetVersionExA
GetCurrentThread
GetLocaleInfoA
GlobalHandle
GlobalUnlock
GlobalFree
GetUserDefaultLCID
GetTickCount
DeleteFileA
GetModuleFileNameA
lstrcmpiA
GetPrivateProfileIntA
GetTempPathA
SetErrorMode
GetWindowsDirectoryA
GetTempFileNameA
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrlenA
lstrcpyA
lstrcatA
VerLanguageNameA
GlobalAlloc
CreateProcessA
GetCurrentProcess
LoadLibraryA
GetDiskFreeSpaceA
IsBadCodePtr
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
FlushFileBuffers
GetFileType
IsBadReadPtr
MultiByteToWideChar
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetOEMCP
GetACP
GetCPInfo
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
TerminateProcess
ExitProcess
RtlUnwind
LCMapStringA
LCMapStringW
SetStdHandle

user32

SetTimer
LoadIconA
GetWindowPlacement
PostQuitMessage
PostMessageA
KillTimer
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
DefWindowProcA
DialogBoxParamA
ShowWindow
GetDlgItem
EndDialog
CharNextA
CreateDialogParamA
DestroyWindow
IsWindow
IsDialogMessageA
PeekMessageA
SendMessageA
SendDlgItemMessageA
ExitWindowsEx
MsgWaitForMultipleObjects
CharPrevA
LoadStringA
GetDlgItemTextA
EnableWindow
SetCursor
GetParent
GetSystemMetrics
GetClientRect
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
ReleaseDC
GetWindowRect
CreateWindowExA
EndPaint
BeginPaint
DrawIcon
LoadCursorA
DestroyIcon
RegisterClassA
MoveWindow
GetDC

gdi32

GetStockObject
GetTextExtentPointA
TranslateCharsetInfo
CreateFontIndirectA
GetObjectA
DeleteObject

advapi32

AdjustTokenPrivileges
RegEnumValueA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
EqualSid
LookupPrivilegeValueA
OpenProcessToken
FreeSid
OpenThreadToken
AllocateAndInitializeSid
GetTokenInformation

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

906067224c4001435aaf7d401e5e2cb3

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

version

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 19KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 20KB - Virtual size: 17KB