37a42fa0064cf47eeb47ad29d2c2a08a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37a42fa0064cf47eeb47ad29d2c2a08a_JaffaCakes118
Size

13KB
MD5

37a42fa0064cf47eeb47ad29d2c2a08a
SHA1

d46548498b033bf8a2e2e2be753cb6c0de7000d4
SHA256

f6b0a99aefa223cfb03a7cd4fa9a8f41923b57c9166a749a8a30d55cf3163672
SHA512

636eba89199ccdf7af8073e3cfc19d14513c2eb20e8324f161c2ee2d3fd1c0081fcd1454a38adb9ca5df5d10fce1890095a2829283f33c743e8b280b1d7d0df7
SSDEEP

192:xzEBX4YO5TyWfut1Y1FgPCZu93VQ77QxJ6v0HNNi16Y5Pkl:5EBXb2yW9Tgas3tJ6v03i16Y5Pkl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37a42fa0064cf47eeb47ad29d2c2a08a_JaffaCakes118

Files

37a42fa0064cf47eeb47ad29d2c2a08a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d9030b0bce6d3074990296265ce735b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
WaitForSingleObject
ReleaseMutex
SetLastError
InterlockedExchange
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
FreeLibrary
CompareStringA
GetModuleHandleA
GetModuleFileNameA
InterlockedIncrement
CloseHandle
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
InterlockedDecrement

ole32

CoUninitialize
CoInitialize

fineobj

?GetFineObjectsVersion@FObj@@YAHXZ
?RemoveResourceModule@FObj@@YAXPAUHINSTANCE__@@@Z
?AddResourceModule@FObj@@YAXPAUHINSTANCE__@@@Z
?GetModuleFileNameW@FileSystem@FObj@@YA?AVCUnicodeString@2@PAUHINSTANCE__@@@Z
?EndStaticPart@FObj@@YAXXZ
?GetErrorFlag@FObj@@YA_NXZ
?BeginStaticPart@FObj@@YAXXZ
?Delete@CException@FObj@@QAEXXZ
?GetDrivePath@FileSystem@FObj@@YA?AVCUnicodeString@2@ABV32@@Z
?DoCreateObject@FObj@@YA?AV?$CPtr@VIObject@FObj@@@1@ABVCUnicodeString@1@@Z
?Clean@FObj@@YAXXZ
?Warning@FObj@@YAXPAVCException@1@@Z
?SetCurrentLanguageCode@FObj@@YAXH@Z
?FindLanguageIndex@FObj@@YAHH@Z
?Get@?$CSetup@H@FObj@@UAEHXZ
?SetAppTitle@FObj@@YAXABVCUnicodeString@1@@Z
?Initialize@FObj@@YA_NPB_W0@Z
?GenerateInternalError@FObj@@YA_NW4TInternalErrorType@1@PB_W11JK@Z
??0?$CSetup@H@FObj@@QAE@ABVCUnicodeString@1@0HW4TSetupType@1@@Z
??0CUnicodeString@FObj@@QAE@PB_W@Z
??1CUnicodeString@FObj@@QAE@XZ
??1?$CSetup@H@FObj@@UAE@XZ
?GenerateCheckHRESULT@FObj@@YAXJ@Z
?LoadModule@FObj@@YAPAUHINSTANCE__@@PB_W@Z
?Merge@FileSystem@FObj@@YA?AVCUnicodeString@2@ABV32@0@Z
?GenerateCheckLastError@FObj@@YAXK@Z
?AddResourcePrefix@FObj@@YAXPB_W0@Z
?GetName@FileSystem@FObj@@YA?AVCUnicodeString@2@ABV32@@Z
?GetLongName@FileSystem@FObj@@YA?AVCUnicodeString@2@ABV32@@Z
?Format@FObj@@YA?AVCUnicodeString@1@PB_WZZ

msvcr71

__p__commode
_adjust_fdiv
__set_app_type
_except_handler3
__dllonexit
_onexit
??3@YAXPAX@Z
??1type_info@@UAE@XZ
__security_error_handler
_controlfp
?terminate@@YAXXZ
__setusermatherr
_initterm
__wgetmainargs
_amsg_exit
_wcmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
__CxxFrameHandler
__RTDynamicCast
__p__fmode

user32

MessageBoxA

Exports

Exports

__FineObjUsed

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9030b0bce6d3074990296265ce735b2

Headers

File Characteristics

Imports

kernel32

ole32

fineobj

msvcr71

user32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 408B

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 408B

.rsrc
Size: 1KB - Virtual size: 1KB