e4287f9f12d1f051548d3f8a9553e083_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e4287f9f12d1f051548d3f8a9553e083_JaffaCakes118
Size

177KB
MD5

e4287f9f12d1f051548d3f8a9553e083
SHA1

0d3f480eddbb7cb5606bf30cb20b38a2cc772c71
SHA256

51967276621912b1988a5804d341ebc0c2b684adbbbe60455fbac8399005eeb5
SHA512

ce1d18c9ba4250d60d5bcae50c0913877cd91c71eddec1151bcfd8f2dbd49a1dc66527338dd46b94c088ae7cbf57cb40db63a5af21638afd5639a8233f34d9e2
SSDEEP

3072:zQ7dWmnpG/n8Ayds8XI0U1G4tXPV1k9J4OpWtJ877tbrSzb1MgPRjqVGXQg:zQwmEks8XR2G4v1UJh4m7J3Ib1Ps

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e4287f9f12d1f051548d3f8a9553e083_JaffaCakes118

Files

e4287f9f12d1f051548d3f8a9553e083_JaffaCakes118
.exe windows:4 windows x86 arch:x86

273cf78c2f7244f6df9f38ac65db2673

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
FreeLibrary
GetACP
CloseHandle
GetLastError
GetThreadIOPendingFlag
GetTempPathW
CreateSemaphoreA
GetFullPathNameW
GetTempPathA
lstrcmpW
CreateThread
UnhandledExceptionFilter
GetPriorityClass
TlsGetValue
GetCurrentProcess
GetCommandLineA
UnmapViewOfFile
SetLastError
HeapCreate
GetOEMCP
SetPriorityClass
GetTickCount
LCMapStringW
ResetEvent
GetThreadPriority
LoadLibraryA
SetStdHandle
TerminateProcess
GetPrivateProfileStringA
IsBadReadPtr
WaitForSingleObject
TransmitCommChar
InitializeCriticalSection
GetFullPathNameA
GlobalAlloc
CreateFileW
LeaveCriticalSection
GlobalFree
CompareStringA
FileTimeToSystemTime
lstrcpyA
TlsAlloc
IsDBCSLeadByte
RaiseException
GetEnvironmentStringsW
GetCPInfo
OutputDebugStringA
TlsSetValue
SetEndOfFile
GetModuleHandleA
GetDiskFreeSpaceExA
ExitThread
SetHandleCount
SetEvent
EnumResourceNamesW
CompareStringW
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
MapViewOfFile
MultiByteToWideChar
FreeEnvironmentStringsW
Sleep
GetProcAddress
GetEnvironmentVariableA
GetCurrentThreadId
DeleteCriticalSection
ExitProcess
FlushFileBuffers
WriteFile
WritePrivateProfileStringA
HeapFree
GetModuleFileNameA
HeapDestroy
GetTempFileNameA
InterlockedExchange
GetEnvironmentStrings
IsBadCodePtr
GetStringTypeW
ExitProcess
GetUserDefaultLCID
EnterCriticalSection
GetStdHandle
CreateFileMappingA
CreateMutexA
HeapReAlloc
GetSystemTime
GlobalUnlock
GetFileType
ReleaseSemaphore
FreeEnvironmentStringsA
lstrcmpA
GetStartupInfoA
LoadLibraryW
LCMapStringA
HeapAlloc
GetStringTypeA
TlsFree
FileTimeToLocalFileTime
HeapSize
RtlUnwind
SetUnhandledExceptionFilter
IsBadWritePtr
SetEnvironmentVariableA

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA

msimg32

AlphaBlend
TransparentBlt

user32

wsprintfA
GetKeyState
CharNextA
CharUpperA
wsprintfW
MessageBoxA
CharLowerA

shlwapi

PathAddBackslashA

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

273cf78c2f7244f6df9f38ac65db2673

Headers

File Characteristics

Imports

kernel32

advapi32

msimg32

user32

shlwapi

Sections

.text Size: 150KB - Virtual size: 149KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 22KB - Virtual size: 21KB

.crt Size: 512B - Virtual size: 340KB

.text
Size: 150KB - Virtual size: 149KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 22KB - Virtual size: 21KB

.crt
Size: 512B - Virtual size: 340KB