Static task: static1
Behavioral task: behavioral1
Sample: ef935cf2d475a56ccdbaba16a5da0206_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ef935cf2d475a56ccdbaba16a5da0206_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: ef935cf2d475a56ccdbaba16a5da0206_JaffaCakes118
Size: 177KB
MD5: ef935cf2d475a56ccdbaba16a5da0206
SHA1: 3e9c9fa7804a76affa23ccad289e4dd0ca5636cf
SHA256: 022f6814e9b899b018dd57d851b35624211af54caa4f78387412c2cf96f4b799
SHA512: 4556ecec8f2447e5916ac2ed22be0aeb4f5116911247087b3dfe1368959ce1f0a8055316dce646fd454ca13768994f16564c42d55bda96e96278b7aa2acbd5c7
SSDEEP: 3072:ztQ/wltNDbwnEELshZ/wN1NujLZ32Y7c6Sm/s+7tP0XPj8A/tb+Fry/:6/wlPDbTEgEN14jLwx6Sf+7KXYab+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ef935cf2d475a56ccdbaba16a5da0206_JaffaCakes118
Files
ef935cf2d475a56ccdbaba16a5da0206_JaffaCakes118.exe windows:4 windows x86 arch:x86
f1451e499c30b2b07b750cc3362b22c4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msimg32
AlphaBlend
TransparentBlt
advapi32
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
user32
wsprintfA
wsprintfW
MessageBoxA
CharNextA
GetKeyState
CharUpperA
CharLowerA
shlwapi
PathAddBackslashA
kernel32
GetOEMCP
GlobalAlloc
IsBadCodePtr
WideCharToMultiByte
GetThreadIOPendingFlag
lstrcpyA
GetACP
GetStringTypeW
SetUnhandledExceptionFilter
DeleteCriticalSection
CreateFileMappingA
GetFullPathNameW
SetLastError
WriteFile
GetStringTypeA
HeapAlloc
GetModuleFileNameA
GetDiskFreeSpaceExA
SetEndOfFile
GetCPInfo
ResetEvent
GetSystemTime
UnmapViewOfFile
TransmitCommChar
FreeEnvironmentStringsW
RtlUnwind
GetFullPathNameA
GetLastError
SetEvent
HeapCreate
IsBadWritePtr
Sleep
GetTempFileNameA
CompareStringW
MultiByteToWideChar
GetCommandLineA
WritePrivateProfileStringA
GetCurrentThreadId
FreeLibrary
WaitForSingleObject
ExitProcess
GetThreadPriority
EnumResourceNamesW
HeapReAlloc
FlushFileBuffers
GetEnvironmentVariableA
GetModuleHandleA
lstrcmpA
TlsGetValue
CreateMutexA
CreateFileW
TlsFree
GetCurrentProcess
GetTempPathA
RaiseException
HeapFree
GetPriorityClass
InterlockedDecrement
LCMapStringW
ReleaseSemaphore
GlobalFree
InitializeCriticalSection
UnhandledExceptionFilter
ExitThread
GetStdHandle
CloseHandle
GetPrivateProfileStringA
ExitProcess
LeaveCriticalSection
IsBadReadPtr
CreateSemaphoreA
GetUserDefaultLCID
InterlockedExchange
LCMapStringA
EnterCriticalSection
GetTempPathW
SetPriorityClass
GetEnvironmentStrings
TlsAlloc
GetTickCount
CreateThread
HeapSize
GetFileType
SetHandleCount
MapViewOfFile
TlsSetValue
OutputDebugStringA
GetTimeZoneInformation
lstrcmpW
FileTimeToLocalFileTime
IsDBCSLeadByte
GetProcAddress
GetStartupInfoA
LoadLibraryW
HeapDestroy
InterlockedIncrement
GetEnvironmentStringsW
CompareStringA
SetStdHandle
FileTimeToSystemTime
GlobalUnlock
LoadLibraryA
TerminateProcess
FreeEnvironmentStringsA
SetEnvironmentVariableA
Sections
.text Size: 143KB - Virtual size: 142KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 220KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ