57253832a7609d547d735c4725b0b0f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

57253832a7609d547d735c4725b0b0f2_JaffaCakes118
Size

183KB
MD5

57253832a7609d547d735c4725b0b0f2
SHA1

fcec640a237a77cef48d437d939e2b5e969769f3
SHA256

a47c0fe31e433e763709afb6e8739f39980c7cb3a23ba6eee1b30da50e685e4a
SHA512

b0184599e127a65856bd5ec8cf269488f19b80a6c796f177fe42b5b09972960994d9b0e9a89b8fdb4ceb34ccdedb413360ceb1c02c4ea03f247f3639037762f0
SSDEEP

3072:1FJOt4k2T984P2h0fbFfXhpn3M+1ptocvUSV4dNb8cZq/Ee47S+gElWC72A2yUKY:1bOt4rT98ikQbFJpn3M+JjV4dV8cZqck

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57253832a7609d547d735c4725b0b0f2_JaffaCakes118

Files

57253832a7609d547d735c4725b0b0f2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f8693effa43689c9cb974852c629e72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHGetSpecialFolderPathA

user32

CopyRect
GetQueueStatus
LoadStringA
RegisterWindowMessageA
RegisterClassA
wsprintfA
PeekMessageA
DispatchMessageA
MsgWaitForMultipleObjects
wvsprintfA
PostThreadMessageA
MonitorFromWindow
CreateWindowExA
GetMessageA
DestroyWindow

kernel32

GetTapeParameters
SetEvent
VirtualFree
GetTickCount
DisableThreadLibraryCalls
GetVersionExA
LeaveCriticalSection
CreateThread
GetSystemTimeAsFileTime
ReleaseSemaphore
InterlockedDecrement
EnterCriticalSection
GetExitCodeThread
GetACP
CloseHandle
ClearCommError
CreateSemaphoreA
WaitForSingleObject
ResumeThread
LocalFree
MultiByteToWideChar
CreateFileW
LoadLibraryW
VirtualAlloc
ReleaseMutex
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcessId
GetThreadPriority
QueryPerformanceCounter
WaitForMultipleObjects
EnumResourceNamesA
GetSystemInfo
GetLastError
InterlockedIncrement
WideCharToMultiByte
lstrlenA
GetSystemTime
ResetEvent
GetModuleFileNameW
LockResource
GetCurrentThreadId
CreateEventA
FreeLibrary
GetProcAddress
GlobalAlloc
FindResourceA
GetModuleFileNameA
FatalExit
LoadLibraryA
LoadResource
SetThreadPriority
GetProcessHeap
GetCurrentThread
Sleep
CreateMutexA
TerminateThread
IsBadWritePtr
HeapFree
IsBadReadPtr
ExitProcess

ole32

CLSIDFromString
CoFreeUnusedLibraries
CoCreateInstance
CreateStreamOnHGlobal
StringFromGUID2
CoRegisterClassObject
StringFromCLSID
CoTaskMemFree
CreateItemMoniker
CoRevokeClassObject
CoInitializeEx
GetRunningObjectTable
CoUninitialize
CoInitialize
CoTaskMemAlloc

advapi32

RegCloseKey
RegQueryValueExA
RegDeleteKeyA
RegSetValueA
RegCreateKeyA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA

winmm

timeBeginPeriod
timeGetTime
timeGetDevCaps
timeEndPeriod

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f8693effa43689c9cb974852c629e72

Headers

File Characteristics

Imports

shell32

user32

kernel32

ole32

advapi32

winmm

oleacc

Sections

.text Size: 133KB - Virtual size: 132KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 45KB - Virtual size: 45KB

.lib Size: 512B - Virtual size: 360KB

.text
Size: 133KB - Virtual size: 132KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 45KB - Virtual size: 45KB

.lib
Size: 512B - Virtual size: 360KB