ba32453dab3761746957d30de329a418_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ba32453dab3761746957d30de329a418_JaffaCakes118
Size

80KB
MD5

ba32453dab3761746957d30de329a418
SHA1

8a8f88cabccc89ce8529c78e9ca563bd289a7fda
SHA256

2d211a51cf3f708c8370b0d76939e1cd0570a0a18b085144681a5f1cf69cd78b
SHA512

2a4f1654b57ce4f4680d4025d3a20e10fe789ebe9ec882166deb4d78381fb58a102545a13aadd860b6a4daea3effd831a816b205bb0ee24bd8361c96dabb3a47
SSDEEP

768:zfFN5YacqZZNEJIpl4PixIb4Dj+jUTywb07YJH4i96CphT+KpYPlLBtD/3KFjBF2:BCqSJm5xR+jUTywg7Y+4QlLTujHsQw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba32453dab3761746957d30de329a418_JaffaCakes118

Files

ba32453dab3761746957d30de329a418_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f49f5bf0c48ed18677ce9d08aaa459a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
InterlockedDecrement
GetCurrentThreadId
DeleteFileW
GetFileAttributesW
LeaveCriticalSection
EnterCriticalSection
lstrcpyA
lstrcmpiA
CompareStringA
FlushInstructionCache
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetCPInfo
IsBadCodePtr
TerminateProcess
FlushFileBuffers
SetStdHandle
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
InterlockedIncrement
TlsGetValue
TlsAlloc
TlsSetValue
GetLastError
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapReAlloc
RtlUnwind
ExitProcess
LoadLibraryA
GetProcAddress
SetFilePointer
SetUnhandledExceptionFilter
lstrlenA
HeapFree
HeapAlloc
GetCurrentProcess
IsBadReadPtr
CloseHandle

user32

GetSysColor
MapWindowPoints
SetWindowPos
EndDialog
GetParent
CallWindowProcA
GetFocus
DrawFocusRect
FillRect
GetDlgCtrlID
GetCursorPos
ScreenToClient
SetCursor
EndPaint
BeginPaint
CreateDialogParamA
PtInRect
SetFocus
SetCapture
GetCapture
ReleaseCapture
InvalidateRect
UpdateWindow
DestroyCursor
SetRectEmpty
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
ShowWindow
CharNextA
SetWindowTextA
CreateWindowExA
ReleaseDC
GetDC
DrawTextA
OffsetRect
GetClassNameA
SetWindowLongA
CreateCursor
GetWindowTextA
GetWindowTextLengthA
IsWindow
DestroyWindow
PostQuitMessage
MessageBoxA
GetActiveWindow
DialogBoxParamA
GetSystemMetrics
LoadImageA
SendMessageA
GetDlgItem
EnableWindow
IsDialogMessageA
GetWindowLongA
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
IsWindowEnabled

gdi32

SelectObject
DeleteObject
GetObjectA
CreateFontIndirectA
SetTextColor
GetStockObject
DeleteDC
SetBkMode

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shell32

ShellExecuteA
SHGetSpecialFolderPathW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

SHSetValueA
StrStrA
SHGetValueA
wnsprintfW
StrStrIA

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f49f5bf0c48ed18677ce9d08aaa459a1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

shlwapi

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 16KB - Virtual size: 15KB