e148895b1e7e3622d4fffb1182be3584_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e148895b1e7e3622d4fffb1182be3584_JaffaCakes118
Size

84KB
MD5

e148895b1e7e3622d4fffb1182be3584
SHA1

dfb8588597c39addcca0098450e7ac719d6bca11
SHA256

412a657c806542fbe2fca4f642f84a14b805b8484006a5d3e1ab9085f0437b05
SHA512

078849dcd251eed589537b7d684c4571981b2d7cf4e3b4d8154bd9cdfb61d77bbea4735578ed1f528366bd1bedde2d993f9f191ac9b10350ccda982eb8e83dba
SSDEEP

768:jOVV4BuzEUxqF3EkZoT2eSa9CBoP2wnqP3vjlWTPCzMXhpxUepiB9pG9/2nW8b1Q:jORzoZoTnooP2lWTKzMXH9uWK3oFc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e148895b1e7e3622d4fffb1182be3584_JaffaCakes118

Files

e148895b1e7e3622d4fffb1182be3584_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f795ea517b3c80fd57b273056eb5d35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
GetStringTypeA
LCMapStringW
RaiseException
SetStdHandle
FlushFileBuffers
CloseHandle
QueryDosDeviceA
GetVersionExA
GetStringTypeW
GetVersion
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
GetProcAddress
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
IsBadWritePtr
InterlockedDecrement
InterlockedIncrement
SetFilePointer
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar

user32

EnumDisplayDevicesA
DefWindowProcA
PostQuitMessage
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
GetDesktopWindow
GetDC
ReleaseDC
wsprintfA
MessageBoxA

gdi32

DeleteDC
CreateDCA
GetStockObject
ExtEscape

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegOpenKeyA

chpgamma

?ChpGammaSetEx@@YAHPADPAU_colorctrl@@PAU_GAMMA_INPUT_BUFFER@@@Z

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8f795ea517b3c80fd57b273056eb5d35

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

chpgamma

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 34KB - Virtual size: 34KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 34KB - Virtual size: 34KB