c8d6a942ecc00a49b74553688beacfde_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c8d6a942ecc00a49b74553688beacfde_JaffaCakes118
Size

105KB
MD5

c8d6a942ecc00a49b74553688beacfde
SHA1

29d481d0cd4d0bbd58f843ba88fd89fc08609a29
SHA256

0508ea2f9d54d4945f943a30b7864f875e7af1d3eaf6124d545bb29de3813391
SHA512

dee53df49bd03e02190839f7774892d6d76df22357560fb3500dd040c3ad67aa21693f2f5e91919d3e62ea03dbb280ea39c8b85a81df2cbd9a18782fe8e28540
SSDEEP

3072:2AUz0ugA9Nb7fnXQJQC0arWzlMw84FrLbLB2NNTbteBmr:2HzZvv3AJprJw80bLB6Tb6mr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8d6a942ecc00a49b74553688beacfde_JaffaCakes118

Files

c8d6a942ecc00a49b74553688beacfde_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b1baafb99f8f833c7aea548b9da5d011

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegEnumKeyExA
RegQueryInfoKeyA

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen

kernel32

GetCPInfoExA
Sleep
GetStringTypeExA
GetSystemTimeAdjustment
GetTimeFormatA
CallNamedPipeW
EnumResourceTypesA
SetConsoleTitleA
FlushFileBuffers
PeekNamedPipe
GetSystemDirectoryA
CloseHandle
SetEvent
HeapAlloc
GetUserDefaultLangID
GetPrivateProfileIntA
GetFileAttributesA
lstrlenW
SetThreadAffinityMask
GetCurrentConsoleFont
RemoveDirectoryA
GetCurrentThreadId
FindResourceExA
ConvertDefaultLocale
FindResourceA
Sleep
GetModuleFileNameA
WaitForSingleObject
GetCommandLineA
GetSystemTimeAsFileTime
ExitProcess
SetEnvironmentVariableW
CompareStringW
HeapCreate
LocalFree
FormatMessageA
SetErrorMode
InterlockedDecrement
HeapFree
ReadFile
LockResource
GlobalUnlock
GetVersionExA
GetCurrentConsoleFont
DeleteFileA
GetSystemTimeAsFileTime
GetPrivateProfileStringA
HeapDestroy
GlobalCompact
OpenEventA
GlobalAlloc
GlobalLock
CreateDirectoryA
CreateProcessA
GetStartupInfoA
WaitCommEvent
GetModuleHandleA
CreateFileA
SetEnvironmentVariableW
lstrlenA
SetFileAttributesA
WaitCommEvent
GetTempFileNameA
AddAtomA
CompareStringA
WaitForMultipleObjects
GetShortPathNameA
LoadResource
GetAtomNameA
lstrcpyA
CopyFileA
lstrcatA
GlobalFree
GetTempPathA
SetThreadAffinityMask
GetWindowsDirectoryA

ole32

CoFreeAllLibraries
CoInitialize
CoUninitialize
CoCreateInstance

user32

ReplyMessage
WindowFromPoint
OpenIcon

gdi32

UnrealizeObject

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text1
Size: 87KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1baafb99f8f833c7aea548b9da5d011

Headers

File Characteristics

Imports

advapi32

oleaut32

kernel32

ole32

user32

gdi32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 112KB

.rsrc Size: 3KB - Virtual size: 3KB

.text1 Size: 87KB - Virtual size: 191KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 112KB

.rsrc
Size: 3KB - Virtual size: 3KB

.text1
Size: 87KB - Virtual size: 191KB