c182494fe4926292fc775fac5b8da535_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c182494fe4926292fc775fac5b8da535_JaffaCakes118
Size

152KB
MD5

c182494fe4926292fc775fac5b8da535
SHA1

bedd1284f7702b466c516b2ca0ab0ee63d237e30
SHA256

904e06ac6261024b705e25d5a6c03018163562783cf3c6be053e24724c3042a7
SHA512

8195639e645c59204751b4263cc514ba8ce181ed55203c4dff729945a6044192b8758be07e97c491bacb74b49a338c3338c9c734acd8b99da9c04804fcda9151
SSDEEP

3072:aZGe1X2KWN+R3mFZjDZi7Syh5j1kKaoQ9VkTSg7P+:gXbsK3YZxPyhcftxgT+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c182494fe4926292fc775fac5b8da535_JaffaCakes118

Files

c182494fe4926292fc775fac5b8da535_JaffaCakes118
.exe windows:5 windows x86 arch:x86

13fb0817bd31844055329cf99b6ddddb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
LockResource
VirtualProtect
Sleep
SetFilePointer
InterlockedExchange
SizeofResource
GetUserDefaultLangID
WriteFile
VirtualAlloc
GetLastError
GetSystemDefaultLCID
FormatMessageA
GetProcAddress
LoadResource
VirtualFree
CreateProcessA
GetWindowsDirectoryA
CloseHandle
GetFileAttributesA
VirtualQuery
RemoveDirectoryA
FindResourceA
GetSystemInfo
GetModuleFileNameA
GetModuleHandleA
FlushFileBuffers
GetFullPathNameA
SetConsoleTitleA
GetExitCodeProcess
SetLastError
DeleteFileA
SetErrorMode
GetVersionExA
GetLocaleInfoA
GetFileSize
CreateDirectoryA
GetCurrentProcess
GetCommandLineA
LoadLibraryA
CreateFileA
SetEndOfFile
IsDBCSLeadByte
GetCPInfoExA
GetACP
ReadFile
VirtualFree
LeaveCriticalSection
ExitProcess
MultiByteToWideChar
GetStdHandle
LocalFree
VirtualAlloc
InitializeCriticalSection
WideCharToMultiByte
DeleteCriticalSection
TlsGetValue
GetFileSize
GetCommandLineA
SetFilePointer
LocalAlloc
EnterCriticalSection
GetLastError
SetEndOfFile
GetFileType
CreateFileA
TlsSetValue
ReadFile
CloseHandle
GetSystemTime
WriteFile
GetModuleHandleA
RtlUnwind
RaiseException

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

user32

TranslateMessage
SetWindowLongA
CharPrevA
MsgWaitForMultipleObjects
LoadStringA
CreateWindowExA
CallWindowProcA
DispatchMessageA
DestroyWindow
ExitWindowsEx
MessageBoxA
PeekMessageA

advapi32

RegQueryValueExA
LookupPrivilegeValueA
RegOpenKeyExA
RegCloseKey
OpenProcessToken

oleaut32

SysAllocStringLen
VariantClear
VariantChangeTypeEx
VariantCopyInd
SysStringLen

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text1
Size: 133KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13fb0817bd31844055329cf99b6ddddb

Headers

File Characteristics

Imports

kernel32

version

user32

advapi32

oleaut32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 9KB

.rsrc Size: 3KB - Virtual size: 3KB

.text1 Size: 133KB - Virtual size: 151KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 9KB

.rsrc
Size: 3KB - Virtual size: 3KB

.text1
Size: 133KB - Virtual size: 151KB