JaffaCakes118_968559a3f40862d2ab72c2ae77bb8cd8

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_968559a3f40862d2ab72c2ae77bb8cd8
Size

174KB
MD5

968559a3f40862d2ab72c2ae77bb8cd8
SHA1

5a1e676f480045ee7a3743625b050eebd8e4d478
SHA256

364bb35da47df0549c7a28f8287249491e016871d6ad3a4c42d84753e486cd49
SHA512

c233cc6a64ce3891683ad8f43a722a6cefe3bb9f6bb3aea185e3e44bbff2732bae74f499209fc1f9a271821582e2316b8bb1c70ce2a3526aa1939d60675bc444
SSDEEP

3072:htEOlJjDTg/ZstvyMDlccDGdvnYS4G2VrP5CqDqjnwfbGF8e6R1P6/XjVC:hOoJjng/Zs5DGdvnY+oEqzggRR6PjV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_968559a3f40862d2ab72c2ae77bb8cd8

Files

JaffaCakes118_968559a3f40862d2ab72c2ae77bb8cd8
.exe windows:4 windows x86 arch:x86

44a8881fd5f785bd5984242a09a60b0d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
DeleteCriticalSection
GetThreadIOPendingFlag
ResetEvent
LeaveCriticalSection
ExitProcess
SetHandleCount
WritePrivateProfileStringA
GetModuleFileNameA
TlsAlloc
GetEnvironmentStringsW
SetEndOfFile
lstrcpyA
FreeLibrary
lstrcmpA
FreeEnvironmentStringsW
WideCharToMultiByte
CreateFileW
GetProcAddress
FileTimeToLocalFileTime
LCMapStringW
InitializeCriticalSection
CreateMutexA
TransmitCommChar
GetFileType
WaitForSingleObject
ReleaseSemaphore
TerminateProcess
SetStdHandle
GetStringTypeW
GetTempPathW
FlushFileBuffers
UnmapViewOfFile
EnterCriticalSection
Sleep
MultiByteToWideChar
HeapDestroy
GetTempFileNameA
HeapFree
GetThreadPriority
LoadLibraryA
OutputDebugStringA
CompareStringW
MapViewOfFile
TlsSetValue
GetPriorityClass
GetStartupInfoA
LCMapStringA
GetFullPathNameW
FileTimeToSystemTime
CompareStringA
InterlockedExchange
HeapReAlloc
TlsGetValue
GlobalFree
GetUserDefaultLCID
IsBadWritePtr
GetEnvironmentVariableA
GetTimeZoneInformation
EnumResourceNamesW
CreateFileMappingA
GetDiskFreeSpaceExA
GetCurrentThreadId
GetACP
GlobalAlloc
GetStringTypeA
FreeEnvironmentStringsA
LoadLibraryW
GetOEMCP
GetLastError
TlsFree
CreateSemaphoreA
SetPriorityClass
WriteFile
CloseHandle
CreateThread
IsBadCodePtr
IsBadReadPtr
ExitProcess
GetStdHandle
GetPrivateProfileStringA
HeapSize
GlobalUnlock
UnhandledExceptionFilter
GetTickCount
InterlockedIncrement
ExitThread
SetEvent
GetEnvironmentStrings
GetCommandLineA
GetCPInfo
RtlUnwind
GetModuleHandleA
RaiseException
IsDBCSLeadByte
HeapCreate
SetUnhandledExceptionFilter
InterlockedDecrement
lstrcmpW
HeapAlloc
GetFullPathNameA
GetCurrentProcess
SetLastError
GetSystemTime
SetEnvironmentVariableA

shlwapi

PathAddBackslashA

msimg32

AlphaBlend
TransparentBlt

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA

user32

wsprintfW
CharNextA
wsprintfA
CharUpperA
MessageBoxA
GetKeyState
CharLowerA

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44a8881fd5f785bd5984242a09a60b0d

Headers

File Characteristics

Imports

kernel32

shlwapi

msimg32

advapi32

user32

Sections

.text Size: 140KB - Virtual size: 140KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 28KB - Virtual size: 28KB

.crt Size: 512B - Virtual size: 340KB

.text
Size: 140KB - Virtual size: 140KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 28KB - Virtual size: 28KB

.crt
Size: 512B - Virtual size: 340KB