37e9210f344827163ed6f2753fb17eff_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37e9210f344827163ed6f2753fb17eff_JaffaCakes118
Size

1.1MB
MD5

37e9210f344827163ed6f2753fb17eff
SHA1

956786bbb6da01413269c846a8497daf1e1b9ad4
SHA256

692d1ccb95d0c74d445479d29494fc781d3572c7ca47aad97a6729dcc6365172
SHA512

bf0da6b10a7b99ae455cbb3c3d84cb9e46c25d6070c82af229eefca7550e37793247d7cd857dd261d62af19d794411ca14ee129f8b97caa835fbb5f1785d9385
SSDEEP

24576:vpNA+6ob7gEdWKCCVH78ih5eFpU2G6UMlJALd:VgEdjCq7BwW3APid

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37e9210f344827163ed6f2753fb17eff_JaffaCakes118

Files

37e9210f344827163ed6f2753fb17eff_JaffaCakes118
.exe windows:5 windows x86 arch:x86

acf0e33c04ba3f12b01fe3e9e4e428cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
OpenSCManagerW
RegDeleteValueW

shlwapi

SHSetValueW
SHDeleteValueW
SHDeleteKeyW
UrlCanonicalizeW
PathStripToRootW
PathRemoveFileSpecW
PathRemoveExtensionW
PathIsURLW
PathIsNetworkPathW
PathIsRootW
PathGetDriveNumberW
PathFindNextComponentW
PathAppendW
PathAddBackslashW
SHStrDupW
StrCmpW
StrTrimW
StrStrIW
StrPBrkW
StrFormatByteSizeW
StrCmpNIW
StrChrW
PathIsRelativeW

kernel32

WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
GetStringTypeW
HeapReAlloc
HeapAlloc
RtlUnwind
LoadLibraryExW
IsProcessorFeaturePresent
IsDebuggerPresent
GetCPInfo
GetOEMCP
GetProcAddress
VirtualAlloc
GetCurrentThreadId
GetLastError
LoadResource
GetFileSize
CloseHandle
GetSystemInfo
FileTimeToLocalFileTime
TlsFree
CreateMutexW
GetCommandLineW
OutputDebugStringW
FindResourceW
CreateDirectoryW
FindFirstFileW
GetACP
CompareStringW
GetUserDefaultLCID
IsValidCodePage
HeapFree
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
CreateFileW

mpr

WNetGetResourceInformationW
WNetOpenEnumW

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 225KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 437KB - Virtual size: 7.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.f2l4g
Size: 385KB - Virtual size: 387KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

acf0e33c04ba3f12b01fe3e9e4e428cd

Headers

File Characteristics

Imports

advapi32

shlwapi

kernel32

mpr

Sections

.text Size: 94KB - Virtual size: 94KB

.rdata Size: 225KB - Virtual size: 225KB

.data Size: 437KB - Virtual size: 7.0MB

.f2l4g Size: 385KB - Virtual size: 387KB

.text
Size: 94KB - Virtual size: 94KB

.rdata
Size: 225KB - Virtual size: 225KB

.data
Size: 437KB - Virtual size: 7.0MB

.f2l4g
Size: 385KB - Virtual size: 387KB