Static task
static1
Behavioral task
behavioral1
Sample
438212328f25865f33d9c403697f0e05_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
438212328f25865f33d9c403697f0e05_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target: 438212328f25865f33d9c403697f0e05_JaffaCakes118
Size: 110KB
MD5: 438212328f25865f33d9c403697f0e05
SHA1: 3a2a3394f1feb652076fe7b7e0d80e86fe2727e2
SHA256: cea166531770fb251bc73be86f7ec2197632e58a73cc2878dfcdc6164bbe90f6
SHA512: 43acd89e2977b5814f75bf2794c6fb1ce1538255b48ea4ea17e66b8ac8d86df93786d34d19a1f555076ba0229d480ef26deee30beb4b6a072e8aae6a6faed324
SSDEEP: 1536:k62O4UQrGlFUbxuVUQyQa63AkiA+LDKIKVsWNrNZcHJ8qoAklxl6Hqt3MX:kzzrF0yQaaADYVRrneJSQgcX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 438212328f25865f33d9c403697f0e05_JaffaCakes118
Files
438212328f25865f33d9c403697f0e05_JaffaCakes118.exe windows:4 windows x86 arch:x86
26f54a19e0c4e1b0f4ced5590edd9f38
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
lstrcmpA
GetVersionExA
IsValidCodePage
GetModuleHandleW
MultiByteToWideChar
InterlockedDecrement
LCMapStringW
GetCPInfo
GetExitCodeProcess
GetModuleFileNameA
SetUnhandledExceptionFilter
CompareStringA
SetFileAttributesA
GetThreadLocale
GetFileAttributesW
GetSystemDefaultLCID
GetTempPathA
SetErrorMode
LoadResource
SetLastError
GetStringTypeExA
GetTempPathW
FileTimeToDosDateTime
DeleteFileA
CompareFileTime
CopyFileA
IsDebuggerPresent
GetCurrentProcess
GetModuleHandleA
SetHandleCount
MoveFileA
VirtualProtect
InterlockedIncrement
LocalFree
GetLocaleInfoA
lstrlenA
GetUserDefaultLangID
IsBadReadPtr
SetFilePointer
GetFileTime
GetOEMCP
GetVersion
GlobalUnlock
GetStartupInfoA
FreeEnvironmentStringsA
msvcrt
_controlfp
_except_handler3
__p___initenv
__set_app_type
__setusermatherr
__p__commode
__getmainargs
_initterm
_XcptFilter
_adjust_fdiv
_exit
__p__fmode
user32
SetWindowTextA
GetPropA
GetMenu
IsWindowEnabled
UnhookWindowsHookEx
GetScrollInfo
SetScrollInfo
ShowOwnedPopups
GetClassInfoA
RemovePropA
SetFocus
UpdateWindow
GetForegroundWindow
FrameRect
GetMessagePos
LoadIconA
DrawTextA
GetWindowLongA
PostQuitMessage
SetForegroundWindow
InvalidateRect
LoadStringA
GetSystemMenu
SetClassLongA
PeekMessageA
GetDCEx
CreateMenu
SetRect
GetDC
DestroyCursor
EnableMenuItem
RegisterWindowMessageA
ShowCursor
ClientToScreen
GetWindowPlacement
SetWindowLongA
GetSubMenu
IsRectEmpty
CheckMenuItem
SetMenu
UnregisterClassA
SetScrollPos
GetClassNameA
KillTimer
GetDlgItem
SetCursor
advapi32
CryptHashData
RegDeleteValueA
OpenServiceA
QueryServiceStatus
RegOpenKeyA
RegQueryValueExW
SetSecurityDescriptorGroup
RegSetValueExW
LookupPrivilegeValueW
RegEnumKeyExA
InitiateSystemShutdownA
RegDeleteKeyW
RegFlushKey
GetTokenInformation
RegCloseKey
RegCreateKeyExA
RegCreateKeyExW
OpenProcessToken
SetSecurityDescriptorOwner
RegCreateKeyA
OpenThreadToken
CryptDestroyHash
CryptCreateHash
RegSetValueExA
CheckTokenMembership
DeleteService
RegQueryValueExA
RegEnumValueA
CryptReleaseContext
CopySid
AllocateAndInitializeSid
OpenSCManagerW
Sections
.text Size: 1024B - Virtual size: 828B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 52KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ