Static task
static1
Behavioral task
behavioral1
Sample
f080e69a5bad575f88b13a0d4a1d3a13_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target
f080e69a5bad575f88b13a0d4a1d3a13_JaffaCakes118
Size
3.0MB
MD5
f080e69a5bad575f88b13a0d4a1d3a13
SHA1
587eb16a1a7f0e9a4c5bbbd0403157ba592b6b5a
SHA256
41f68c29681c70a40abb553368186779c994554a1a389fc6f8a6d4a9611095ce
SHA512
b567bc54816a1715ec9b2821d67487abcc23a352bb0d851945f4c89cb6938c521ab35ddf7d273fd9954c003041333da685a004bebbf89d2217c97892822d3b8c
SSDEEP
49152:Vki2v8aJh6b96lzff11L2NzbPGn4J1OeMVwKFSOQ:VP28aJh6bkZ1LObPGn6Mtp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f080e69a5bad575f88b13a0d4a1d3a13_JaffaCakes118
Files
f080e69a5bad575f88b13a0d4a1d3a13_JaffaCakes118.exe windows:4 windows x86 arch:x86
1f3c3d2e9dbfba80f75653af0fe3e685
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsBadReadPtr
SetLastError
LoadLibraryW
GetCommandLineW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetFilePointer
LoadLibraryA
GetOEMCP
GetCPInfo
FlushFileBuffers
SetStdHandle
HeapReAlloc
VirtualAlloc
HeapAlloc
GetModuleHandleA
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapFree
LCMapStringW
GetVersionExA
GetProcAddress
GetLastError
ResetEvent
GetTimeZoneInformation
FormatMessageW
lstrcmpiA
CopyFileA
GetQueuedCompletionStatus
InterlockedExchange
GetTimeFormatA
GetVolumeInformationW
SearchPathA
FindFirstFileA
GetShortPathNameA
GetExitCodeProcess
GlobalFlags
UnlockFile
DuplicateHandle
GetDateFormatA
GetFileAttributesA
TerminateThread
GetTempPathA
FindNextFileA
GetVersion
DeleteFileW
GetACP
GetTickCount
GetSystemTimeAsFileTime
CloseHandle
FreeLibrary
WriteFile
GetCurrentThreadId
GetStartupInfoA
GetCommandLineA
ExitProcess
user32
wsprintfW
SetFocus
ReleaseDC
SendMessageTimeoutA
GetParent
SetWindowLongW
CheckDlgButton
IsWindowEnabled
TranslateMessage
LoadStringW
SetClassLongW
MoveWindow
EndDialog
InvalidateRect
LoadBitmapA
GetClassNameW
AppendMenuW
SetCursor
RegisterClassExW
TranslateAcceleratorW
DispatchMessageW
DefWindowProcA
GetMessagePos
GetWindowLongA
GetSubMenu
GetClientRect
CharNextW
TrackPopupMenuEx
GetSystemMetrics
gdi32
DeleteMetaFile
advapi32
LookupAccountNameA
RegDeleteValueW
LookupAccountSidW
LookupPrivilegeValueA
RegQueryValueExW
GetSidSubAuthority
LookupPrivilegeDisplayNameA
RegSetValueExW
IsValidSid
LookupAccountSidA
LookupAccountNameW
LookupPrivilegeNameA
LookupPrivilegeNameW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
EqualSid
RegQueryInfoKeyW
InitializeSid
RegEnumValueW
FreeSid
OpenEventLogA
LookupPrivilegeValueW
AllocateAndInitializeSid
RegOpenKeyExW
OpenEventLogW
LookupPrivilegeDisplayNameW
RegCloseKey
RegEnumKeyW
RegOpenKeyW
Sections
1e157 Size: 860KB - Virtual size: 859KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
1e158 Size: 408KB - Virtual size: 407KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
�1e159 Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
�1e15a Size: 12KB - Virtual size: 9KB
IMAGE_SCN_MEM_EXECUTE