bdadd7fa80464ed9758aa5022e0f0643_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bdadd7fa80464ed9758aa5022e0f0643_JaffaCakes118
Size

220KB
MD5

bdadd7fa80464ed9758aa5022e0f0643
SHA1

b7a97449c21ac8582bd0c976de5d9ee572f61dea
SHA256

c95e0cce8784fe0523f27cc848983dd74aaf4c6da44a12b884bdbbe8e667e087
SHA512

b4f9900b908321a4a2756829f7bcabe3b23f379be4635debbaed59f3d13bd1a3fc9757f37d079af52964b5198e859530464e193ec65b3e5f99c62debe89c32a4
SSDEEP

6144:EdcAHbax9P7Dpm3q0pEIjIJv7eAQlFeR:EdUzDpmUeAQlF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdadd7fa80464ed9758aa5022e0f0643_JaffaCakes118

Files

bdadd7fa80464ed9758aa5022e0f0643_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ef7833fa84b912c017f285e66ee6993e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetForegroundWindow
MoveWindow
PostQuitMessage
SetWindowPos
IsWindow
GetDC
GetCursorPos
SendMessageA
DestroyWindow
GetParent
ShowWindow
EnableWindow
PeekMessageA
LoadStringA
IsIconic
RegisterClassA
GetWindowLongA
SetTimer
EndPaint
SetFocus
KillTimer
GetSystemMetrics
GetWindowRect
ReleaseCapture
SetWindowLongA
SetWindowTextA
CheckMenuItem
GetSubMenu
CreateWindowExA
GetDlgItem
LoadCursorA
LoadIconA
GetDesktopWindow
ReleaseDC
EndDialog
FillRect
SetDlgItemTextA
InvalidateRect
wsprintfA
GetClientRect
CallWindowProcA

kernel32

FindClose
LoadResource
CompareStringW
InterlockedDecrement
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
GetFileAttributesA
WaitForSingleObject
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetStartupInfoW
GetConsoleMode
GetLocaleInfoA
LocalAlloc
lstrcatA
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetTempPathA
GetCPInfo
GetStringTypeA
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
SetFileAttributesA
GetOEMCP
LocalFree
GetExitCodeProcess
lstrlenA
VirtualAlloc
GetCommandLineA
CompareStringA
FindResourceA
IsBadReadPtr
Sleep
VirtualFree
UnmapViewOfFile
SizeofResource
GetModuleHandleW
GlobalLock
GetACP
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
TlsFree
RaiseException
GetCurrentThread
InterlockedCompareExchange
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
CreateProcessW
lstrlenW
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
GlobalFree
HeapCreate
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
GetUserDefaultLCID
WaitForMultipleObjects
DuplicateHandle
FindFirstFileW
ResetEvent
lstrcpyA
FindNextFileW
lstrcmpA
FormatMessageA
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileW
SetEvent
GetEnvironmentVariableA
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
LCMapStringW
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
VirtualProtect
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
CreateEventW
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
MultiByteToWideChar
UnhandledExceptionFilter
GetModuleFileNameA
InterlockedExchange
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
TlsGetValue
SetLastError
OutputDebugStringA
InitializeCriticalSection

advapi32

RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA
RegQueryValueExA

msvcrt

_cexit
exit
_controlfp

Sections

mqqegas
Size: 204KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef7833fa84b912c017f285e66ee6993e

Headers

File Characteristics

Imports

user32

kernel32

advapi32

msvcrt

Sections

mqqegas Size: 204KB - Virtual size: 202KB

.rdata Size: 8KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 752B

mqqegas
Size: 204KB - Virtual size: 202KB

.rdata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 752B