f625f297281e3dfaf9a31c2d90f44912_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f625f297281e3dfaf9a31c2d90f44912_JaffaCakes118
Size

552KB
MD5

f625f297281e3dfaf9a31c2d90f44912
SHA1

88fd25808f8331401a000a7ea0c78820c47182e3
SHA256

af36d4893be8cfd5cd3d322ce6807da1b7c242ebafc026b1f2c89bfd89de89a8
SHA512

12dd275b2583bcd1ccb43b1e94eed9904ee1bf9a3cc1a3dbcefb7df8564081fe4b599971604f5964dd3c022b2a0eadb44d836720849cef1bad1a877c827f09df
SSDEEP

12288:O+Hxiu6HIU36TCoNE6gyn5sJcKFDMoKP:O+H250C0E7nAP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f625f297281e3dfaf9a31c2d90f44912_JaffaCakes118

Files

f625f297281e3dfaf9a31c2d90f44912_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d79efd7d0a6f6dc1f811e974e9930247

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegOpenKeyExW
RegCloseKey
RegSetValueExW

kernel32

VirtualAlloc
VirtualFree
UnmapViewOfFile
InterlockedExchange
GetVersion
CloseHandle
SetUnhandledExceptionFilter
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
GetCommandLineA
WideCharToMultiByte
LockResource
GetCurrentProcessId
SizeofResource
lstrlenW
GetEnvironmentStringsW
GetConsoleCP
lstrlenA
GetLastError
InterlockedIncrement
ExitProcess
TlsSetValue
GetFileType
CreateFileW
CreateEventW
GlobalLock
DuplicateHandle
FindNextFileA
FindNextFileW
CompareStringW
GetProcessHeap
GetProcAddress
SetEvent
GetStartupInfoW
GetWindowsDirectoryA
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
GetOEMCP
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
SetCurrentDirectoryA
GetCurrentThreadId
TerminateProcess
MulDiv
CreateFileA
CreateThread
GetModuleHandleA
MultiByteToWideChar
InterlockedDecrement
UnhandledExceptionFilter
lstrcmpiW
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
VirtualProtect
GetModuleFileNameW
InitializeCriticalSection
SetLastError
TlsGetValue
GetEnvironmentVariableA
LocalFree
FreeLibrary
GetStringTypeW
HeapReAlloc
GetTimeZoneInformation
WriteFile
GetStringTypeA
GetCPInfo
SetStdHandle
FreeEnvironmentStringsW
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindFirstFileW
WaitForSingleObject
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
GetEnvironmentStrings
HeapCreate
RtlUnwind
LeaveCriticalSection
GetACP
LCMapStringA
LCMapStringW

user32

SetCursor
CallWindowProcA
GetClientRect
InvalidateRect
GetSysColor
MessageBoxA
SetForegroundWindow
GetDesktopWindow
TrackPopupMenu
LoadIconA
GetDlgItem
SetWindowTextA
GetSystemMetrics
DefWindowProcA
SetFocus
EndPaint
DispatchMessageA
FillRect
SetTimer
GetWindowLongA
LoadStringA
TranslateMessage
EnableWindow
ShowWindow
UpdateWindow
GetParent
SendMessageA
GetCursorPos
IsWindow
SetWindowPos
MoveWindow

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 522KB - Virtual size: 522KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d79efd7d0a6f6dc1f811e974e9930247

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.text Size: 24KB - Virtual size: 24KB

.data Size: 522KB - Virtual size: 522KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 24KB

.data
Size: 522KB - Virtual size: 522KB

.rsrc
Size: 4KB - Virtual size: 4KB