033414a8a187537efbd31604715ba244_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

033414a8a187537efbd31604715ba244_JaffaCakes118
Size

638KB
MD5

033414a8a187537efbd31604715ba244
SHA1

875abcdee60071eacba7621da0b5e4d9d1ac5c7a
SHA256

60023b73b217ed8cbc816fe11c00dd9310da061c2fbf8df3354f3fc05dca9511
SHA512

1c63d305778740c86b73ed6a257ec83a88419a7245039ec43db25d6d5b4e33b4ea08bc50fcf75e243ade6e1bfa68c60857fdb637fbd2a3818f16ce364cf3a8c9
SSDEEP

12288:fBecofZD8IMuv+BwMb2LAqp8l1eTRHPUfPCXFeZWF1wa6Rx7FEzzn:JqZD88v5AqqlGHPUfPCXF7F1wxCvn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
033414a8a187537efbd31604715ba244_JaffaCakes118

Files

033414a8a187537efbd31604715ba244_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10b062e721dfe98e3d230cfdf634272b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
Sleep
CreateFileA
LCMapStringA
FillConsoleOutputAttribute
GetStartupInfoW
ReadFile
WriteFile
LeaveCriticalSection
QueryPerformanceCounter
IsValidCodePage
LocalHandle
InterlockedExchangeAdd
GetCurrentProcess
GetSystemTimeAsFileTime
RtlMoveMemory
GetEnvironmentStrings
HeapSize
VirtualQuery
GetProcessHeap
HeapCreate
GetModuleFileNameW
TlsAlloc
TlsFree
GetCommandLineW
TerminateProcess
GetLocaleInfoW
GetUserDefaultLCID
CompareStringW
GetCurrentThreadId
FindResourceExA
GetExitCodeProcess
HeapFree
DebugBreak
GetCommandLineA
CompareStringA
OutputDebugStringA
SetConsoleCtrlHandler
HeapReAlloc
FreeEnvironmentStringsW
lstrlenA
GetFileType
GetModuleFileNameA
GlobalSize
GetStringTypeA
IsBadReadPtr
GetPrivateProfileStringA
WideCharToMultiByte
LoadLibraryW
SetStdHandle
HeapAlloc
GetAtomNameA
GetProcAddress
GetDateFormatA
RaiseException
SetLastError
EnterCriticalSection
GlobalUnlock
GetSystemInfo
CloseHandle
CreateThread
RtlUnwind
GetStringTypeW
GetCurrentThread
InitializeCriticalSectionAndSpinCount
VirtualAlloc
GetTimeZoneInformation
ExitProcess
GetTickCount
GetConsoleOutputCP
GetEnvironmentStringsW
SetHandleCount
OutputDebugStringW
IsDebuggerPresent
SetEnvironmentVariableA
DeleteCriticalSection
InterlockedDecrement
SetFilePointer
TlsGetValue
SetUnhandledExceptionFilter
SetEndOfFile
HeapValidate
GetModuleHandleA
LCMapStringW
InterlockedExchange
VirtualFree
GetCurrentProcessId
GetTimeFormatA
FlushFileBuffers
GetStdHandle
FreeLibrary
OpenMutexA
UnhandledExceptionFilter
GetShortPathNameW
GetStartupInfoA
GetOEMCP
GetModuleHandleW
CreateMutexA
GetACP
GetConsoleCP
GetConsoleMode
TlsSetValue
WriteConsoleA
HeapDestroy
LoadLibraryA
GetLocaleInfoA
InterlockedIncrement
GetLastError
GetCPInfo
MultiByteToWideChar
IsValidLocale
EnumSystemLocalesA
SetVolumeLabelA

shell32

FindExecutableA
DragQueryFile
SHFormatDrive
SHBrowseForFolderA
SHFileOperationA

user32

CloseWindowStation
RegisterClassExA
ExitWindowsEx
IsDialogMessage
SwapMouseButton
SetUserObjectInformationA
UnloadKeyboardLayout
GetMenuItemRect
GetInputState
SetWindowsHookExW
GetClipboardFormatNameW
InvalidateRgn
SetSystemCursor
GetSysColor
RegisterClassA
OemToCharA
AttachThreadInput
MapWindowPoints
EnumWindowStationsA
MapVirtualKeyExW
MessageBoxExW

comctl32

InitCommonControlsEx

Sections

.text
Size: 427KB - Virtual size: 426KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10b062e721dfe98e3d230cfdf634272b

Headers

File Characteristics

Imports

kernel32

shell32

user32

comctl32

Sections

.text Size: 427KB - Virtual size: 426KB

.rdata Size: 48KB - Virtual size: 76KB

.data Size: 154KB - Virtual size: 154KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 427KB - Virtual size: 426KB

.rdata
Size: 48KB - Virtual size: 76KB

.data
Size: 154KB - Virtual size: 154KB

.rsrc
Size: 7KB - Virtual size: 7KB