dca1bced19491d8934a4cfd445c69bf1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dca1bced19491d8934a4cfd445c69bf1_JaffaCakes118
Size

187KB
MD5

dca1bced19491d8934a4cfd445c69bf1
SHA1

cf4374d6a5ded2c9a50fa4fce8cd9810b5e38ff4
SHA256

bcdd8aadbe6b9c770f1d616c57027fd537aea796cd7bc0e0b2b859f4b18e7935
SHA512

68921dcdddb573641b6565ddd3cb0cca52fd99f3eec5aec82c41b3bc3fd7bb255745336962df81d41944a1a5fcef0068142db48490afd0b545f47e25c80d9462
SSDEEP

3072:cpjiz1RQ2CN/gbvdBmHitGSXeR4HwHN26OV7VjKci9JQFLlxZ5riGETCNraUA0gO:cpSENiVBmHXSXe6HUE627VjKciJKBx1r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dca1bced19491d8934a4cfd445c69bf1_JaffaCakes118

Files

dca1bced19491d8934a4cfd445c69bf1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4504cb186c4a1aeaf275e5c1b0105105

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA

shlwapi

PathAddBackslashA

kernel32

IsBadCodePtr
ResetEvent
CompareStringA
SetHandleCount
FreeEnvironmentStringsA
InterlockedDecrement
GetCurrentProcess
InitializeCriticalSection
GetThreadIOPendingFlag
GetOEMCP
WritePrivateProfileStringA
CreateSemaphoreA
HeapAlloc
GetACP
FlushFileBuffers
IsBadReadPtr
RtlUnwind
SetUnhandledExceptionFilter
GlobalAlloc
GetStringTypeW
UnmapViewOfFile
GetTimeZoneInformation
GetThreadPriority
WriteFile
GetFullPathNameW
GetStartupInfoA
GetSystemTime
GetFullPathNameA
TlsFree
WideCharToMultiByte
GetLastError
TerminateProcess
Sleep
InterlockedIncrement
LCMapStringW
TransmitCommChar
GetStdHandle
GetPriorityClass
GetTickCount
LeaveCriticalSection
MultiByteToWideChar
SetEndOfFile
IsDBCSLeadByte
GetTempPathW
HeapSize
InterlockedExchange
GetPrivateProfileStringA
IsBadWritePtr
CreateFileMappingA
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsGetValue
CreateThread
SetLastError
CreateFileW
CloseHandle
EnumResourceNamesW
GetUserDefaultLCID
ExitThread
SetPriorityClass
GetStringTypeA
GetEnvironmentVariableA
lstrcpyA
HeapReAlloc
OutputDebugStringA
ExitProcess
RaiseException
lstrcmpA
LoadLibraryA
GetModuleHandleA
EnterCriticalSection
HeapFree
GetProcAddress
GetCPInfo
FileTimeToLocalFileTime
GlobalFree
ExitProcess
DeleteCriticalSection
GlobalUnlock
TlsAlloc
GetCurrentThreadId
GetFileType
ReleaseSemaphore
CompareStringW
HeapCreate
FreeLibrary
lstrcmpW
LCMapStringA
GetDiskFreeSpaceExA
HeapDestroy
FileTimeToSystemTime
GetCommandLineA
GetEnvironmentStrings
UnhandledExceptionFilter
GetModuleFileNameA
LoadLibraryW
SetEvent
MapViewOfFile
CreateMutexA
SetStdHandle
GetTempPathA
GetTempFileNameA
TlsSetValue
WaitForSingleObject
SetEnvironmentVariableA

user32

wsprintfW
wsprintfA
GetKeyState
CharNextA
MessageBoxA
CharUpperA
CharLowerA

Sections

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4504cb186c4a1aeaf275e5c1b0105105

Headers

File Characteristics

Imports

msimg32

advapi32

shlwapi

kernel32

user32

Sections

.text Size: 158KB - Virtual size: 157KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 24KB

.crt Size: 512B - Virtual size: 84KB

.text
Size: 158KB - Virtual size: 157KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 24KB

.crt
Size: 512B - Virtual size: 84KB