b90e3674aaee5c0b02fb4cd52b61e3ce_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b90e3674aaee5c0b02fb4cd52b61e3ce_JaffaCakes118
Size

622KB
MD5

b90e3674aaee5c0b02fb4cd52b61e3ce
SHA1

42aa0495ab68ce255bafdcc33882a765315bebc5
SHA256

7b63a4a8c9d253a53801cfb225bf2af9b4444e3b18fc724d0c0f3b9f596410d1
SHA512

5b4b4c9ee095e8fa4c42681106dd6ed585d1d663faaf0fbe75ea9c3f66804b4ebfc130e801cfe304aac79bfa5f222b76ab66f607f6044bfd79638be255329b1c
SSDEEP

12288:cWMKWFccSrjS8XEEbthqD4rkKk3UIIuMSNZDxIFHDRsKIN:oKWFczvX344rk63jSpIFoN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b90e3674aaee5c0b02fb4cd52b61e3ce_JaffaCakes118

Files

b90e3674aaee5c0b02fb4cd52b61e3ce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c48c82cd1e57cb315b300a3dda8c044

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetModuleHandleA
GetCurrentThread
ExitProcess
HeapAlloc
GetProcessHeap
GetOEMCP
FindResourceA
Sleep
VirtualFree
FindResourceW
HeapCreate
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
RaiseException
InterlockedCompareExchange
HeapSize
WideCharToMultiByte
LockResource
GetEnvironmentStrings
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
GetConsoleCP
SetStdHandle
InterlockedIncrement
TlsSetValue
CreateEventA
CreateFileW
DuplicateHandle
FindFirstFileA
GetProcAddress
GetWindowsDirectoryA
DeleteFileA
LCMapStringW
LoadLibraryA
FlushFileBuffers
TlsAlloc
QueryPerformanceCounter
SetEvent
GetLastError
SetHandleCount
EnterCriticalSection
LeaveCriticalSection
GlobalAlloc
WriteConsoleA
TerminateProcess
GetSystemDirectoryA
SetUnhandledExceptionFilter
CreateThread
CreateMutexA
MultiByteToWideChar
InterlockedDecrement
UnhandledExceptionFilter
GetVersionExA
IsDebuggerPresent
GetModuleFileNameW
OutputDebugStringA
FormatMessageA
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
LocalFree
FreeLibrary
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
GetStringTypeA
GetCPInfo
FreeEnvironmentStringsW
LoadLibraryExW
CreateFileA
lstrcatA
GetLocaleInfoA
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
HeapDestroy
WaitForSingleObject
GetFileAttributesA
GetStdHandle
GetCurrentProcessId
GetCurrentThreadId
GetCommandLineA
LoadLibraryW
GetVersion

user32

SetWindowLongA
GetSystemMetrics
BeginPaint
SetFocus
FillRect
SetTimer
GetSubMenu
EnableMenuItem
TranslateMessage
ScreenToClient
ReleaseDC
GetCursorPos
GetDC
IsWindow
SetWindowPos
PostQuitMessage
SetForegroundWindow
GetSysColor
CallWindowProcA
SetCursor
ClientToScreen

advapi32

RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
RegCloseKey

Sections

.text
Size: 594KB - Virtual size: 917KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c48c82cd1e57cb315b300a3dda8c044

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 594KB - Virtual size: 917KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 10KB - Virtual size: 9KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 594KB - Virtual size: 917KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 11KB - Virtual size: 10KB