c235e3d1668fce96743777ebf2b529c8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c235e3d1668fce96743777ebf2b529c8_JaffaCakes118
Size

6KB
MD5

c235e3d1668fce96743777ebf2b529c8
SHA1

3744f42fc5f67c3f2fce5d06eadf08c0f72b1abb
SHA256

155aaabb178e5cac2982210c3ca81c162c00ae694575dcca5fe810de72e24076
SHA512

bfb9138be3b5623d409d49069348ad3790c17b07fc02e513596f6c742e68d38da4730d948c9363c8dc685872044701919568115cea2615b6f8031de3e7ed30fd
SSDEEP

96:o/UK51Aq0IM4ryqrqAeDU879rVtsJ2QH1yhBMHd18oWEhlh2RyXK5oEF/p:oteqLTrpCU879rVOJ2Wyh2HdGDEvgoep

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c235e3d1668fce96743777ebf2b529c8_JaffaCakes118

Files

c235e3d1668fce96743777ebf2b529c8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

478b83ac4ca0689e556d676d8da47396

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowTextA
CreateWindowExA
SendDlgItemMessageA
GetDlgItemTextA
ShowWindow

advapi32

RegQueryValueExA
RegCloseKey
LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyExA

kernel32

LoadLibraryA
OpenEventA
SetFileAttributesA
GetStdHandle
WriteFile
TlsGetValue
SetLastError
lstrcpyA
GetOEMCP
lstrlenA
SetThreadPriorityBoost
GlobalFree
ExitThread
TlsAlloc
GetCommandLineA
RtlUnwind
TerminateProcess
MapViewOfFile
LeaveCriticalSection
CreateEventA
EnterCriticalSection
FreeLibrary
CreateFileA
IsBadCodePtr
GlobalAlloc
DeleteCriticalSection
SetupComm
SetFilePointer
SetStdHandle
WideCharToMultiByte
LCMapStringW
Sleep
LCMapStringA
HeapAlloc
InterlockedDecrement
GetModuleFileNameA
GetACP
GetProcAddress
HeapDestroy
CloseHandle
ExitProcess
VirtualAlloc
SetHandleCount
UnmapViewOfFile
VirtualFree
HeapCreate
InterlockedIncrement
GetFileType
GetTickCount
IsBadWritePtr
IsBadReadPtr
GetCurrentProcess
GetStringTypeW
TlsSetValue
GetModuleHandleA
GetVersion
OpenFileMappingA
GetCPInfo
HeapReAlloc
GetStartupInfoA
FlushFileBuffers
CreateFileMappingA
CreateThread
GetCurrentProcessId
UnhandledExceptionFilter
PulseEvent
HeapFree
LoadLibraryExA
FlushFileBuffers
DeleteFileA
GetStringTypeA
InitializeCriticalSection
GetLastError
GetCurrentThreadId
MultiByteToWideChar
GetPrivateProfileSectionA
WriteProfileStringW
DeleteAtom
GetCurrentDirectoryA
FatalAppExitA
GetShortPathNameA
GetWindowsDirectoryW
GetFullPathNameA
MoveFileA
IsValidCodePage
GetVersion
SetVolumeMountPointW

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text1
Size: 151KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

478b83ac4ca0689e556d676d8da47396

Headers

File Characteristics

Imports

user32

advapi32

kernel32

version

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 111KB

.rsrc Size: 3KB - Virtual size: 3KB

.text1 Size: 151KB - Virtual size: 271KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 111KB

.rsrc
Size: 3KB - Virtual size: 3KB

.text1
Size: 151KB - Virtual size: 271KB