ff99e9716fc1b552aa546aa53f64e083_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ff99e9716fc1b552aa546aa53f64e083_JaffaCakes118
Size

166KB
MD5

ff99e9716fc1b552aa546aa53f64e083
SHA1

c5e50089a0645ef215ddc38b387858892db1033b
SHA256

57ea452f46004366ebd8a2c47dcdbad93c6dcfb0d704ff6ec41e13f97b206258
SHA512

ff6da5c2b5d36d51477ea5ce1e8ef5814695d83df42840c058f35db5c4ad6530c0cfd0dde23c30daf98ae79b214be83126111dc1374cbe6cc855bdcd444f1fbc
SSDEEP

3072:dLVnKCZk+IFAUY/8dWFJVcVvLqCv80KsDFCXlvdHArtX8S+TJ38eHxYIx2X7:dLdk+eAV/8d4AzqCvn9FCXlVgp0NHU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff99e9716fc1b552aa546aa53f64e083_JaffaCakes118

Files

ff99e9716fc1b552aa546aa53f64e083_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3add6eb6bdc8eda81a08749cb098ae98

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
GetACP
FileTimeToSystemTime
GetEnvironmentStringsW
Sleep
IsBadWritePtr
TerminateProcess
GetThreadIOPendingFlag
GetModuleHandleA
GetFileType
TlsFree
ResetEvent
HeapDestroy
MapViewOfFile
SetStdHandle
SetPriorityClass
SetEvent
CreateSemaphoreA
WriteFile
GetPrivateProfileStringA
IsBadReadPtr
WideCharToMultiByte
FreeEnvironmentStringsW
WaitForSingleObject
GetLastError
GetOEMCP
TlsAlloc
MultiByteToWideChar
InterlockedIncrement
HeapReAlloc
RtlUnwind
SetLastError
LCMapStringA
HeapAlloc
DeleteCriticalSection
TransmitCommChar
LCMapStringW
GetProcAddress
GetTimeZoneInformation
IsDBCSLeadByte
HeapCreate
GetPriorityClass
CreateFileW
InitializeCriticalSection
EnumResourceNamesW
GetFullPathNameA
GetCurrentThreadId
IsBadCodePtr
HeapFree
LoadLibraryA
GlobalUnlock
ReleaseSemaphore
HeapSize
InterlockedExchange
GlobalAlloc
GetCPInfo
ExitThread
GetDiskFreeSpaceExA
lstrcmpA
GetEnvironmentVariableA
GetStringTypeW
GetStartupInfoA
GetStringTypeA
GetTempPathA
SetHandleCount
GetStdHandle
TlsSetValue
FlushFileBuffers
ExitProcess
CreateThread
GetModuleFileNameA
CompareStringA
GetTempFileNameA
GlobalFree
GetSystemTime
FreeLibrary
FreeEnvironmentStringsA
SetEndOfFile
WritePrivateProfileStringA
GetCommandLineA
InterlockedDecrement
lstrcmpW
LoadLibraryW
lstrcpyA
CloseHandle
OutputDebugStringA
EnterCriticalSection
LeaveCriticalSection
CompareStringW
GetCurrentProcess
GetTempPathW
FileTimeToLocalFileTime
SetUnhandledExceptionFilter
RaiseException
GetUserDefaultLCID
UnhandledExceptionFilter
ExitProcess
GetTickCount
CreateMutexA
GetEnvironmentStrings
TlsGetValue
GetFullPathNameW
CreateFileMappingA
GetThreadPriority
SetEnvironmentVariableA

shlwapi

PathAddBackslashA

user32

CharUpperA
wsprintfA
wsprintfW
MessageBoxA
GetKeyState
CharNextA
CharLowerA

msimg32

AlphaBlend
TransparentBlt

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3add6eb6bdc8eda81a08749cb098ae98

Headers

File Characteristics

Imports

kernel32

shlwapi

user32

msimg32

advapi32

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 21KB - Virtual size: 21KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 21KB - Virtual size: 21KB

.crt
Size: 512B - Virtual size: 72KB