b86c4ac28444ab1ea10dd3cb90165125_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b86c4ac28444ab1ea10dd3cb90165125_JaffaCakes118
Size

566KB
MD5

b86c4ac28444ab1ea10dd3cb90165125
SHA1

c1fb92a986ec3fe800ac19e67de324fdc4ee42c7
SHA256

da9946fcb7c5ee9bdc53928a9df940c0269b2f1394c1aa655ade99b358b719d3
SHA512

261b2a3b0b3f894b92f7adb3b981c394b0866d1a2ff2e01175d90d4238a854866fba8efbf8527d3d0085ea1e4cfcdaeb852a8cd511272c8c05288ebddddc3fee
SSDEEP

12288:0SMRs/RxAJLmXWPaHJQer5eo5JUAOkLTPDSwvXqQn:0S0sJxTMaHJQeREkL1fNn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b86c4ac28444ab1ea10dd3cb90165125_JaffaCakes118

Files

b86c4ac28444ab1ea10dd3cb90165125_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b82952644209aa1b89424503a75306c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueA
RegCreateKeyExA
RegCloseKey
OpenProcessToken

kernel32

GetTickCount
GetVersion
GetCurrentProcessId
GetCurrentThreadId
GetCommandLineA
GetModuleHandleA
GetLastError
ExitProcess
VirtualAlloc
GetOEMCP
VirtualFree
HeapCreate
IsValidCodePage
CreateProcessA
SizeofResource
SetStdHandle
GetModuleHandleW
GlobalLock
GetACP
CloseHandle
ReadFile
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
HeapSize
GetCurrentDirectoryA
LockResource
GetEnvironmentStrings
lstrlenW
GetEnvironmentStringsW
LCMapStringA
GlobalFree
GetSystemInfo
LCMapStringW
LeaveCriticalSection
TlsSetValue
GetFileType
CreateFileW
Sleep
CreateEventW
GetProcAddress
DuplicateHandle
FindNextFileA
CreateFileMappingA
FindFirstFileA
CompareStringW
GetProcessHeap
WaitForMultipleObjects
DeleteFileW
GetCPInfo
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
InterlockedIncrement
GetLocaleInfoA
SetEndOfFile
GlobalAlloc
TerminateProcess
SetEnvironmentVariableA
SetUnhandledExceptionFilter
SetFilePointer
CreateMutexA
MultiByteToWideChar
TlsGetValue
UnhandledExceptionFilter
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
SetLastError
InterlockedDecrement
FindClose
InitializeCriticalSection
LocalFree
FreeLibrary
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
GetStringTypeA
WideCharToMultiByte
FreeEnvironmentStringsW
SetErrorMode
CreateFileA
LocalAlloc
DeleteCriticalSection
HeapDestroy
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
GetConsoleOutputCP
GetStdHandle

user32

GetFocus
CallWindowProcA
GetClientRect
GetSysColor
SetForegroundWindow
TrackPopupMenu
ScreenToClient
GetDlgItem
SetWindowLongA
ReleaseCapture
GetWindowRect
BeginPaint
EnableWindow
UpdateWindow
GetMessageA
DestroyWindow
GetActiveWindow
ReleaseDC
GetDC
EndPaint
IsWindow
SetWindowPos
PostQuitMessage

Sections

.text
Size: 532KB - Virtual size: 854KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b82952644209aa1b89424503a75306c5

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.text Size: 532KB - Virtual size: 854KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 16KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 532KB - Virtual size: 854KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 11KB - Virtual size: 10KB