bf7e052ab31d773942b1ded15520c7f3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bf7e052ab31d773942b1ded15520c7f3_JaffaCakes118
Size

24KB
MD5

bf7e052ab31d773942b1ded15520c7f3
SHA1

ba2f288a9bc50f16d25421a0dcf629758ca52a25
SHA256

e77160fbf8a1b25edfb2d235127162f0de19fd30af4c136d220fe674b002b544
SHA512

d24cf454a5dd878249e2d04d6df6852d1399328cb48ba7b74410d5acc155b65de6599c295322a38e816ef0bbbf0065021374315ce5e8b7c5d1ff17f58449a34f
SSDEEP

384:ZLIR145WA+rS/EsMmRBtKyu9kw+CBY4TmbLJNcdrnYh8TPzdfeOKmE/AhWcu:Jh9Z/v5BLTOqlNsrnuCPzFeOK1Awc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf7e052ab31d773942b1ded15520c7f3_JaffaCakes118

Files

bf7e052ab31d773942b1ded15520c7f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

202fb018931a2ab437ab4147e5e94339

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventA
GetModuleFileNameA
lstrcatA
WaitForSingleObject
CloseHandle
DeleteFileA
ExitThread
TerminateThread
GetTickCount
GetModuleHandleA
WaitForMultipleObjects
ResetEvent
lstrcmpA
CompareStringA
Process32First
WriteFileEx
WaitForSingleObjectEx
LoadResource
FindResourceA
GetModuleHandleW
GetProcAddress
SetFileAttributesW
lstrlenA
MultiByteToWideChar
Sleep
CreateFileA
lstrcpyA
CreateThread
GetLastError
CreateProcessA
CreateEventA
HeapAlloc
GetProcessHeap
HeapFree
ExitProcess
GetCommandLineA
SetEvent

user32

SetWindowTextA
ShowWindow
PostQuitMessage
TranslateMessage
DispatchMessageA
PeekMessageA
MsgWaitForMultipleObjects
RegisterClassA
CreateWindowExW
DefWindowProcA
wsprintfA
CreateWindowExA
DestroyWindow
MessageBoxA
LoadIconA
FindWindowA
wsprintfW
ReleaseDC

advapi32

RegCreateKeyA
RegSetValueExW
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegNotifyChangeKeyValue

shell32

SHGetFolderPathA
Shell_NotifyIconA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysFreeString
SysAllocString

wininet

InternetGetConnectedState

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

202fb018931a2ab437ab4147e5e94339

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

wininet

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 9KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 9KB

.rsrc
Size: 8KB - Virtual size: 7KB