139ed11501a9d25146637ea70f94ef70_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

139ed11501a9d25146637ea70f94ef70_JaffaCakes118
Size

564KB
MD5

139ed11501a9d25146637ea70f94ef70
SHA1

42994f9e8811662de6ebab22f8a9521a7a415a75
SHA256

43f59eda480db874c24d8b53630d71d362399e8406c0eb1413cbcfd191a9ae26
SHA512

4ee599392fe9a7bfb2fa010b6c66fd479c2993a3f356384f4c4ecb7889edbeb7771ab58d9990e69ba9cbb32e56f1547cc87fcf433cab585945c109f39c9b1aea
SSDEEP

12288:zCGgqtQjwvTAqIeZp2CzsNuaM89espGizabM:zCGgqtQij2ITaM8Nlz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
139ed11501a9d25146637ea70f94ef70_JaffaCakes118

Files

139ed11501a9d25146637ea70f94ef70_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7358aae1e1d838bb6d524ec1253007ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateFontIndirectA
BitBlt
DeleteObject

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

kernel32

HeapAlloc
GetOEMCP
VirtualAlloc
FindResourceA
Sleep
VirtualFree
HeapCreate
IsValidCodePage
CreateProcessA
GetEnvironmentStrings
GetModuleHandleW
GlobalLock
GetACP
lstrcpynA
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
MapViewOfFile
CompareStringA
RaiseException
GetCurrentThread
GetCommandLineA
HeapSize
GetCPInfo
LockResource
GetCurrentProcessId
SizeofResource
RemoveDirectoryA
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
UnmapViewOfFile
LCMapStringW
InitializeCriticalSection
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
ResetEvent
FindNextFileW
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
VirtualProtect
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
GlobalAlloc
GetVersion
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
UnhandledExceptionFilter
GetModuleFileNameA
FlushFileBuffers
MultiByteToWideChar
IsDebuggerPresent
GetModuleFileNameW
InterlockedDecrement
SetLastError
FormatMessageA
TlsGetValue
FindClose
LoadResource
GetEnvironmentVariableA
FormatMessageW
LocalFree
FreeLibrary
SetFileAttributesA
GetStringTypeW
HeapReAlloc
SetStdHandle
WriteFile
InterlockedExchange
GetSystemTimeAsFileTime
WideCharToMultiByte
GetLocaleInfoW
FreeEnvironmentStringsW
SetErrorMode
LocalAlloc
GetLocaleInfoA
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
HeapDestroy
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
GetStdHandle
RtlUnwind
GetStringTypeA

user32

LoadStringA
SetCursor
EnableMenuItem
GetClientRect
SendMessageA
GetFocus
SystemParametersInfoA
GetSysColor
LoadIconA
LoadCursorA
ScreenToClient
GetDlgItem
CheckMenuItem
SetWindowTextA
PostMessageA
GetWindowRect
GetSystemMetrics
BeginPaint
MapWindowPoints
CreateWindowExA
RegisterClassA
IsIconic
SetForegroundWindow
GetWindow
IsWindowEnabled
PeekMessageA
EnableWindow
SetCapture
ShowWindow
UpdateWindow
GetParent
DestroyWindow
TranslateMessage
ReleaseDC
GetDC
DispatchMessageA
IsWindow
SetWindowPos
LoadBitmapA

advapi32

RegOpenKeyExA
RegCloseKey

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 504KB - Virtual size: 503KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7358aae1e1d838bb6d524ec1253007ca

Headers

File Characteristics

Imports

gdi32

ole32

kernel32

user32

advapi32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 504KB - Virtual size: 503KB

.data Size: 28KB - Virtual size: 30KB

.rsrc Size: 4KB - Virtual size: 864B

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 504KB - Virtual size: 503KB

.data
Size: 28KB - Virtual size: 30KB

.rsrc
Size: 4KB - Virtual size: 864B