cf2c274df4e9a76484454845ce6f9748_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cf2c274df4e9a76484454845ce6f9748_JaffaCakes118
Size

304KB
MD5

cf2c274df4e9a76484454845ce6f9748
SHA1

dbd27cefc06c033f470707675378e81c6bf383b4
SHA256

9e63e44ab30548181d80e3c376f9850a653ca95dcc076cc707550d965b359bdb
SHA512

21cd159568a27cb683992cfc992924242f6da5586f661e1343c7eeb5f7fa7b72a31495ae2b9bd55bc0ee7242bfafe95aac8a80180485ac815346160879174129
SSDEEP

6144:CAx5Hls8akeYsN3Yq4ZpAPeB0fkMzgGHh/DTZCatGyI+dze3BNgpVRM8+H:CAJNaklsiAWB0sIhKyIoC3BNG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf2c274df4e9a76484454845ce6f9748_JaffaCakes118

Files

cf2c274df4e9a76484454845ce6f9748_JaffaCakes118
.exe windows:4 windows x86 arch:x86

47d6e640724c99acc90209900a139b05

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetTempPathA
GetWindowsDirectoryA
GetSystemDirectoryA
GetFileAttributesA
LoadLibraryA
FreeLibrary
GetCurrentProcess
GetProcAddress
Process32Next
Process32First
CreateToolhelp32Snapshot
GetModuleHandleA
CloseHandle
WriteFile
CreateFileA
LockResource
LoadResource
SizeofResource
SetFileAttributesA
VirtualFreeEx
GetDriveTypeA
CompareStringW
CompareStringA
SetEndOfFile
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
DeleteFileA
OpenMutexA
CreateMutexA
Sleep
GetEnvironmentVariableA
CreateThread
GetComputerNameA
FindResourceA
UnhandledExceptionFilter
GetOEMCP
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetLastError
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
TerminateProcess
WideCharToMultiByte
ReadFile
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
SetEnvironmentVariableA

user32

GetClassNameA
SendMessageA
GetWindowThreadProcessId
EnumChildWindows
FindWindowA
ShowWindow
GetForegroundWindow
GetWindowTextA
GetKeyState
keybd_event
MapVirtualKeyExA
GetKeyNameTextA
GetAsyncKeyState
MessageBoxA

advapi32

RegOpenKeyExA
OpenProcessToken
RegOpenKeyA
RegSetValueExA
RegQueryValueExA
RegCloseKey
GetUserNameA

shell32

ShellExecuteA

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 236KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

47d6e640724c99acc90209900a139b05

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 25KB

.rsrc Size: 236KB - Virtual size: 234KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 25KB

.rsrc
Size: 236KB - Virtual size: 234KB