Tasks
Static task: static1
Behavioral task: behavioral1 (Sample: c251979d8e5f9d7486749be1c184e4c4_JaffaCakes118.exe, Resource: win7-20240729-en)
Behavioral task: behavioral2 (Sample: c251979d8e5f9d7486749be1c184e4c4_JaffaCakes118.exe, Resource: win10v2004-20240802-en)
General
Target: c251979d8e5f9d7486749be1c184e4c4_JaffaCakes118
Size: 190KB
MD5: c251979d8e5f9d7486749be1c184e4c4
SHA1: 80b02485e4d68a603555eece058164daf762f288
SHA256: 9163285878df68e7fd59e54caf4b0c98ec8f18d8eef9c1282d05242cd34fff3d
SHA512: d0f0d69fa6c36f8b34213a9732711f863d372667e1bca6bea50d401634d4753ce4e04567b6f271aed92120bcc3cffa5bb0bc08f48e96826751a6c19ca5f59774
SSDEEP: 3072:XqWx/jH/D5xenN2zbJEMYVeMO6f+AV8lzoW9VVuNn4H3rB7SWdKQuHjnFRqq:lLb5xANyE9oMOo6l9VVuNncrBvYHjHqq
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c251979d8e5f9d7486749be1c184e4c4_JaffaCakes118
Files
c251979d8e5f9d7486749be1c184e4c4_JaffaCakes118.exe windows:4 windows x86 arch:x86
bee17e79f4f158dbea4e7ec90c73ea50
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryW
FlushFileBuffers
ReleaseSemaphore
RaiseException
GetLastError
CloseHandle
SetUnhandledExceptionFilter
IsDBCSLeadByte
ResetEvent
LCMapStringW
GetCurrentThreadId
GetEnvironmentVariableA
IsBadWritePtr
GetThreadIOPendingFlag
RtlUnwind
WriteFile
GetOEMCP
CompareStringW
CompareStringA
MapViewOfFile
HeapCreate
ExitThread
GetFullPathNameW
InterlockedDecrement
GetStartupInfoA
GetCPInfo
GetModuleFileNameA
OutputDebugStringA
Sleep
GlobalUnlock
GetEnvironmentStrings
CreateFileMappingA
HeapFree
TransmitCommChar
SetPriorityClass
CreateFileW
SetEndOfFile
TlsSetValue
GetFileType
GetStringTypeA
SetLastError
WideCharToMultiByte
lstrcmpW
InterlockedExchange
GetEnvironmentStringsW
GetCurrentProcess
SetEvent
HeapSize
TlsAlloc
EnumResourceNamesW
LCMapStringA
GetSystemTime
GetACP
GetProcAddress
SetHandleCount
GetThreadPriority
FileTimeToLocalFileTime
lstrcpyA
GlobalFree
HeapDestroy
FreeLibrary
FreeEnvironmentStringsW
HeapAlloc
GetStdHandle
GlobalAlloc
ExitProcess
GetTempPathW
TerminateProcess
WritePrivateProfileStringA
CreateMutexA
GetPrivateProfileStringA
EnterCriticalSection
GetPriorityClass
MultiByteToWideChar
GetStringTypeW
UnmapViewOfFile
ExitProcess
GetModuleHandleA
GetFullPathNameA
GetCommandLineA
GetTempFileNameA
IsBadReadPtr
lstrcmpA
FreeEnvironmentStringsA
GetTempPathA
HeapReAlloc
InterlockedIncrement
SetStdHandle
CreateThread
LeaveCriticalSection
TlsGetValue
GetTimeZoneInformation
UnhandledExceptionFilter
InitializeCriticalSection
CreateSemaphoreA
GetDiskFreeSpaceExA
IsBadCodePtr
WaitForSingleObject
GetUserDefaultLCID
LoadLibraryA
TlsFree
FileTimeToSystemTime
GetTickCount
DeleteCriticalSection
SetEnvironmentVariableA
msimg32
AlphaBlend
TransparentBlt
user32
GetKeyState
CharUpperA
MessageBoxA
CharNextA
wsprintfA
wsprintfW
CharLowerA
advapi32
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
shlwapi
PathAddBackslashA
Sections
.text Size: 166KB - Virtual size: 165KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ