Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_02243ef10b4489e1b485ce34629fb78d.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: JaffaCakes118_02243ef10b4489e1b485ce34629fb78d.exe
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_02243ef10b4489e1b485ce34629fb78d
Size: 187KB
MD5: 02243ef10b4489e1b485ce34629fb78d
SHA1: e7fc14d6a3cc08973bf39d85080a56fabc93f4a1
SHA256: dcb78ad4e106a7c056f2e2b39fce6b3a5f9c190556b9ff73d032e783b4ceebfd
SHA512: 6aeae95ad886e5e1c3c5731f9906db90724c28fe0019c53b5e9e95aa863a2768470dd027537776eb907f41cf0496f11672388ae8988286c95040a1d7bff4f953
SSDEEP: 3072:cpjiz1RQ2CN/gbvdBmHitGSXeR4HwHN26OV7VjKci9JQFLlxZ5riGETCNraUA0gO:cpSENiVBmHXSXe6HUE627VjKciJKBx1r
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_02243ef10b4489e1b485ce34629fb78d
Files
JaffaCakes118_02243ef10b4489e1b485ce34629fb78d.exe windows:4 windows x86 arch:x86
4504cb186c4a1aeaf275e5c1b0105105
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msimg32
AlphaBlend
TransparentBlt
advapi32
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA
shlwapi
PathAddBackslashA
kernel32
IsBadCodePtr
ResetEvent
CompareStringA
SetHandleCount
FreeEnvironmentStringsA
InterlockedDecrement
GetCurrentProcess
InitializeCriticalSection
GetThreadIOPendingFlag
GetOEMCP
WritePrivateProfileStringA
CreateSemaphoreA
HeapAlloc
GetACP
FlushFileBuffers
IsBadReadPtr
RtlUnwind
SetUnhandledExceptionFilter
GlobalAlloc
GetStringTypeW
UnmapViewOfFile
GetTimeZoneInformation
GetThreadPriority
WriteFile
GetFullPathNameW
GetStartupInfoA
GetSystemTime
GetFullPathNameA
TlsFree
WideCharToMultiByte
GetLastError
TerminateProcess
Sleep
InterlockedIncrement
LCMapStringW
TransmitCommChar
GetStdHandle
GetPriorityClass
GetTickCount
LeaveCriticalSection
MultiByteToWideChar
SetEndOfFile
IsDBCSLeadByte
GetTempPathW
HeapSize
InterlockedExchange
GetPrivateProfileStringA
IsBadWritePtr
CreateFileMappingA
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsGetValue
CreateThread
SetLastError
CreateFileW
CloseHandle
EnumResourceNamesW
GetUserDefaultLCID
ExitThread
SetPriorityClass
GetStringTypeA
GetEnvironmentVariableA
lstrcpyA
HeapReAlloc
OutputDebugStringA
ExitProcess
RaiseException
lstrcmpA
LoadLibraryA
GetModuleHandleA
EnterCriticalSection
HeapFree
GetProcAddress
GetCPInfo
FileTimeToLocalFileTime
GlobalFree
ExitProcess
DeleteCriticalSection
GlobalUnlock
TlsAlloc
GetCurrentThreadId
GetFileType
ReleaseSemaphore
CompareStringW
HeapCreate
FreeLibrary
lstrcmpW
LCMapStringA
GetDiskFreeSpaceExA
HeapDestroy
FileTimeToSystemTime
GetCommandLineA
GetEnvironmentStrings
UnhandledExceptionFilter
GetModuleFileNameA
LoadLibraryW
SetEvent
MapViewOfFile
CreateMutexA
SetStdHandle
GetTempPathA
GetTempFileNameA
TlsSetValue
WaitForSingleObject
SetEnvironmentVariableA
user32
wsprintfW
wsprintfA
GetKeyState
CharNextA
MessageBoxA
CharUpperA
CharLowerA
Sections
.text Size: 158KB - Virtual size: 157KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.crt Size: 512B - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ