Static task
static1
Behavioral task
behavioral1
Sample
ea9d4c6f5c8da102d814438e5c17c7ab_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ea9d4c6f5c8da102d814438e5c17c7ab_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
ea9d4c6f5c8da102d814438e5c17c7ab_JaffaCakes118
Size
167KB
MD5
ea9d4c6f5c8da102d814438e5c17c7ab
SHA1
5da84991a41773e2330f04769381615a0733ef43
SHA256
69f5bbaaf5c469c33abed61bedabc535cc85a8c9845519232e71ae7600dee059
SHA512
d41ca0746a9b907635ca5b1c9493b1aa64825191a060e0158e8ee631503797a8c85fd58a5364c92deec6e75fb8bc658ac3fbd1ae04fac54feabbf1df89f428c8
SSDEEP
3072:SBUCb0uqzfeisnUfJygVgUw0+yRxLLdX4WHG19bJTgb8hvcN2gFh0DnVQMX955C3:S/bIzBsUfJIp09PXSrl0Qvc9CnpV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ea9d4c6f5c8da102d814438e5c17c7ab_JaffaCakes118
Files
ea9d4c6f5c8da102d814438e5c17c7ab_JaffaCakes118.exe windows:4 windows x86 arch:x86
706031f85f421a96bd7e570073af27c3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msimg32
AlphaBlend
TransparentBlt
kernel32
CompareStringW
lstrcpyA
GetStartupInfoA
GlobalFree
ReleaseSemaphore
GetTempFileNameA
SetPriorityClass
GetUserDefaultLCID
HeapReAlloc
IsBadCodePtr
FileTimeToSystemTime
GetThreadIOPendingFlag
GetCurrentThreadId
IsBadReadPtr
LCMapStringW
InterlockedExchange
HeapDestroy
DeleteCriticalSection
GetEnvironmentStrings
WritePrivateProfileStringA
GetModuleFileNameA
GetCurrentProcess
CreateMutexA
TransmitCommChar
HeapCreate
SetStdHandle
LeaveCriticalSection
CloseHandle
TerminateProcess
GetTempPathW
CompareStringA
GetSystemTime
HeapAlloc
OutputDebugStringA
LoadLibraryW
GetFullPathNameA
CreateFileW
Sleep
ExitProcess
FreeLibrary
FlushFileBuffers
GetPriorityClass
SetEndOfFile
TlsSetValue
GetOEMCP
MultiByteToWideChar
FileTimeToLocalFileTime
GetFileType
ResetEvent
EnumResourceNamesW
GetTickCount
GetDiskFreeSpaceExA
GetTimeZoneInformation
InterlockedIncrement
WaitForSingleObject
RtlUnwind
HeapSize
FreeEnvironmentStringsW
GetPrivateProfileStringA
lstrcmpA
GlobalAlloc
SetUnhandledExceptionFilter
GetThreadPriority
TlsFree
InterlockedDecrement
GetFullPathNameW
SetEvent
SetHandleCount
SetLastError
HeapFree
ExitProcess
GetEnvironmentStringsW
MapViewOfFile
FreeEnvironmentStringsA
GetStdHandle
GetModuleHandleA
ExitThread
GetStringTypeW
CreateThread
WriteFile
CreateSemaphoreA
TlsAlloc
LoadLibraryA
GetCommandLineA
GetStringTypeA
IsBadWritePtr
InitializeCriticalSection
WideCharToMultiByte
GetProcAddress
IsDBCSLeadByte
UnhandledExceptionFilter
RaiseException
UnmapViewOfFile
lstrcmpW
GetCPInfo
GetEnvironmentVariableA
GetACP
TlsGetValue
LCMapStringA
CreateFileMappingA
EnterCriticalSection
GlobalUnlock
GetTempPathA
GetLastError
SetEnvironmentVariableA
user32
CharUpperA
GetKeyState
MessageBoxA
wsprintfA
wsprintfW
CharNextA
CharLowerA
shlwapi
PathAddBackslashA
advapi32
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
Sections
.text Size: 143KB - Virtual size: 142KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ