bb4b6f0a5d863f9b24eda2290c528402_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bb4b6f0a5d863f9b24eda2290c528402_JaffaCakes118
Size

166KB
MD5

bb4b6f0a5d863f9b24eda2290c528402
SHA1

456d83d6cba19118e12b29348312a64de3602f76
SHA256

bf0f3080a7993092a5a372bf58e2b14b96806ee008ce4489f938ff8fbe3db171
SHA512

75dde7a89590f735542130d94344566aabf4bdc6691822b2830df7e39b34f1bebd163bf07944d27795fbd0f3cdd5dcdd033e725e382ae84766d1754ac6d8c864
SSDEEP

3072:AyEW6eZsuIsdL1VTZ4DI8vsbh9P1NGsAD9wkYxXMFLuFjPJf2ARJg1S/+:AyEHuB/4Dw3Gr9wkYxSuRJ2AGS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb4b6f0a5d863f9b24eda2290c528402_JaffaCakes118

Files

bb4b6f0a5d863f9b24eda2290c528402_JaffaCakes118
.exe windows:4 windows x86 arch:x86

47e1f859e16e5f8711e7c0b9856d2f76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
Sleep
TerminateProcess
LoadLibraryA
GetPriorityClass
ExitThread
GetPrivateProfileStringA
CompareStringW
SetLastError
OutputDebugStringA
GetStringTypeA
TlsGetValue
GetFullPathNameA
GetThreadIOPendingFlag
SetEvent
WaitForSingleObject
CreateFileW
InterlockedDecrement
GetCurrentProcess
GetStartupInfoA
ExitProcess
CreateThread
GlobalAlloc
TransmitCommChar
DeleteCriticalSection
FreeLibrary
UnhandledExceptionFilter
SetPriorityClass
FreeEnvironmentStringsA
SetStdHandle
GetTickCount
GetOEMCP
MapViewOfFile
SetUnhandledExceptionFilter
UnmapViewOfFile
HeapFree
ResetEvent
CompareStringA
SetEndOfFile
TlsAlloc
GetStdHandle
GetEnvironmentStrings
GetEnvironmentVariableA
GetFileType
EnumResourceNamesW
GetSystemTime
GetCPInfo
lstrcmpW
SetHandleCount
lstrcmpA
FileTimeToLocalFileTime
GetDiskFreeSpaceExA
HeapCreate
InitializeCriticalSection
IsBadReadPtr
GetTempPathW
WritePrivateProfileStringA
LoadLibraryW
GetTempPathA
EnterCriticalSection
LCMapStringW
HeapDestroy
FileTimeToSystemTime
GetFullPathNameW
LCMapStringA
TlsFree
ExitProcess
GetACP
GetTimeZoneInformation
TlsSetValue
GetStringTypeW
IsBadCodePtr
lstrcpyA
RaiseException
GetTempFileNameA
HeapReAlloc
GetLastError
HeapAlloc
ReleaseSemaphore
GlobalUnlock
GlobalFree
HeapSize
GetEnvironmentStringsW
CreateSemaphoreA
WideCharToMultiByte
WriteFile
IsBadWritePtr
GetCommandLineA
GetModuleHandleA
CreateFileMappingA
InterlockedIncrement
InterlockedExchange
CloseHandle
RtlUnwind
GetThreadPriority
FreeEnvironmentStringsW
LeaveCriticalSection
IsDBCSLeadByte
GetCurrentThreadId
GetUserDefaultLCID
CreateMutexA
MultiByteToWideChar
GetModuleFileNameA
FlushFileBuffers
SetEnvironmentVariableA

msimg32

AlphaBlend
TransparentBlt

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA

shlwapi

PathAddBackslashA

user32

wsprintfW
CharNextA
CharUpperA
GetKeyState
wsprintfA
MessageBoxA
CharLowerA

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

47e1f859e16e5f8711e7c0b9856d2f76

Headers

File Characteristics

Imports

kernel32

msimg32

advapi32

shlwapi

user32

Sections

.text Size: 141KB - Virtual size: 140KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 20KB - Virtual size: 20KB

.crt Size: 512B - Virtual size: 68KB

.text
Size: 141KB - Virtual size: 140KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 20KB - Virtual size: 20KB

.crt
Size: 512B - Virtual size: 68KB