e1527725c46d9adf61bbb477f96d92f7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e1527725c46d9adf61bbb477f96d92f7_JaffaCakes118
Size

464KB
MD5

e1527725c46d9adf61bbb477f96d92f7
SHA1

d2c0e84e110d36e8e820cce3777383efbd03840e
SHA256

e9d2252065c8aa50e5fc81fb5700123b66e644df16b6e1c7b5ca035afd258d6d
SHA512

3607811c96e4a2c99dff3a48c489f62ed002316ab6634429aaded17b344a862abf675c19f5e5822a3880ebd1f553eb54aa70a9e8692dca1c657b9f941e4dae0f
SSDEEP

12288:gf0RmrZsgYaIhQB+G7E//bXflFIVCD6Xa3bByAq+GY8h:gf0RmrZsoIhPGsRiNadyANGY8h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1527725c46d9adf61bbb477f96d92f7_JaffaCakes118

Files

e1527725c46d9adf61bbb477f96d92f7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

43cef3bc7542734150c51e9a7d018f2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoCreateInstance
CoTaskMemFree
CoInitialize

version

VerQueryValueA
GetFileVersionInfoSizeA

kernel32

GlobalLock
GetACP
lstrcpynA
CloseHandle
ReadFile
GetModuleHandleA
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
FindFirstFileW
InterlockedCompareExchange
GetCommandLineA
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
WritePrivateProfileStringA
GetEnvironmentStrings
FileTimeToLocalFileTime
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
HeapCreate
LCMapStringW
GetLastError
LeaveCriticalSection
HeapAlloc
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
GetModuleFileNameA
ExpandEnvironmentStringsA
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
ResetEvent
lstrcpyA
FindFirstFileA
CreateProcessA
CompareStringW
WriteFile
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileW
OpenProcess
SetErrorMode
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
VirtualAlloc
QueryPerformanceCounter
SetEvent
GetVersionExW
lstrcmpiA
GetModuleHandleW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
GlobalAlloc
WriteConsoleA
GetEnvironmentVariableA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
CreateMutexA
GetLocalTime
MultiByteToWideChar
UnhandledExceptionFilter
GetPrivateProfileStringA
RemoveDirectoryA
FlushFileBuffers
ExitProcess
IsDebuggerPresent
VirtualProtect
GetModuleFileNameW
TlsGetValue
SetLastError
OutputDebugStringA
FormatMessageA
GetFullPathNameA
FindClose
LoadResource
InitializeCriticalSection
FormatMessageW
LocalFree
FreeLibrary
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
GetStringTypeA
LoadLibraryW
GetCPInfo
GetTempPathA
SetStdHandle
GetLocaleInfoW
FreeEnvironmentStringsW
LoadLibraryExW
lstrcatA
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
SetEndOfFile
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
GetVersion
InterlockedExchange
SizeofResource
UnmapViewOfFile
FindResourceW
GetOEMCP
VirtualFree
Sleep
CompareStringA
FindResourceA
GetTickCount
InterlockedDecrement

user32

GetSystemMetrics
MapWindowPoints
DefWindowProcA
KillTimer
BeginPaint
SetFocus
EndPaint
ReleaseDC
DispatchMessageA
FillRect
SetTimer
GetSubMenu
RegisterClassA
IsIconic
LoadStringA
GetWindow
TranslateMessage
PeekMessageA
EnableWindow
ShowWindow
UpdateWindow
GetParent
GetWindowRect
DestroyWindow
TrackPopupMenu
GetClientRect
SendMessageA
GetCursorPos
GetDC
IsWindow
SetWindowPos
PostQuitMessage
DestroyMenu
SetForegroundWindow
CreateWindowExA
GetDlgItem
ClientToScreen
LoadCursorA
LoadIconA
GetDesktopWindow
EndDialog
SetDlgItemTextA
MessageBoxA
GetSysColor
SystemParametersInfoA
PostMessageA
SetWindowLongA
SetWindowTextA
GetMessageA
GetWindowLongA
EnableMenuItem
InvalidateRect
DrawTextA
CallWindowProcA
SetCursor

advapi32

RegSetValueExA
RegQueryInfoKeyA
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExA
RegOpenKeyExW
RegCloseKey
RegCreateKeyExA
RegQueryValueExA

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
SysAllocString

gdi32

SetTextColor
DeleteObject
CreateSolidBrush
SelectObject
CreateCompatibleDC
DeleteDC
GetDeviceCaps
BitBlt

msvcrt

exit
_exit
free

Sections

awykkek
Size: 460KB - Virtual size: 458KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

43cef3bc7542734150c51e9a7d018f2d

Headers

File Characteristics

Imports

ole32

version

kernel32

user32

advapi32

oleaut32

gdi32

msvcrt

Sections

awykkek Size: 460KB - Virtual size: 458KB

.bss Size: - Virtual size: 1KB

awykkek
Size: 460KB - Virtual size: 458KB

.bss
Size: - Virtual size: 1KB