c:\ewf\tapeadkeq\
Static task
static1
Behavioral task
behavioral1
Sample
073c7cb100f0a5659c8269ce3c872734_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
073c7cb100f0a5659c8269ce3c872734_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target: 073c7cb100f0a5659c8269ce3c872734_JaffaCakes118
Size: 296KB
MD5: 073c7cb100f0a5659c8269ce3c872734
SHA1: 36491e3840a2fc159b9d6dd1cdd698785f42ada9
SHA256: 3831cd35aaec63a6363b9c150cab683389edf29bf5aa1bf6325100f676757cd0
SHA512: be9b8bdd735816aa343ff7b64f58743113bb075f389437a86554c57cea7d63f891728e4f26d896e7a1de3205c5a2fa8228e7a9d38e6f7b9e57822d09ecf4b705
SSDEEP: 6144:LFmYHkuw8slzn55d9Xa4BZS1MuXzlFtMM2MMfJy:LFmYG8YznP7auk3jrtMM2MM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 073c7cb100f0a5659c8269ce3c872734_JaffaCakes118
Files
073c7cb100f0a5659c8269ce3c872734_JaffaCakes118.exe windows:4 windows x86 arch:x86
af3b64ccb93c6f5b48d646675d9dc2e7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
version
GetFileVersionInfoA
VerLanguageNameA
VerQueryValueA
GetFileVersionInfoSizeA
kernel32
GetModuleFileNameA
GetLastError
EnumSystemLocalesA
IsValidLocale
GetSystemTimeAsFileTime
VirtualQuery
IsBadWritePtr
GetCurrentProcessId
LCMapStringA
GetUserDefaultLCID
GetStringTypeW
CloseHandle
GetStartupInfoA
SetUnhandledExceptionFilter
GetTickCount
GetFileType
SetStdHandle
HeapSize
SetEnvironmentVariableA
GetVersionExA
GetCurrentThreadId
SetFilePointer
GetLocaleInfoA
CompareStringW
CompareStringA
WriteFile
SetConsoleCtrlHandler
InterlockedExchange
FatalAppExitA
GetEnvironmentStringsW
GetTimeZoneInformation
GetTimeFormatA
ReadFile
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentThread
SetHandleCount
TlsAlloc
GetStringTypeA
RtlUnwind
WideCharToMultiByte
SetLastError
HeapAlloc
GetOEMCP
HeapFree
VirtualProtect
GetACP
LeaveCriticalSection
GetCurrentProcess
InitializeCriticalSection
MultiByteToWideChar
FlushFileBuffers
LCMapStringW
CreateMutexA
QueryPerformanceCounter
GetSystemInfo
GetDateFormatA
HeapReAlloc
TerminateProcess
TlsSetValue
HeapDestroy
FreeEnvironmentStringsW
LoadLibraryA
TlsGetValue
GetEnvironmentStrings
TlsFree
IsBadReadPtr
GetCPInfo
DeleteCriticalSection
HeapCreate
GetModuleHandleA
EnterCriticalSection
GetLocaleInfoW
GetStdHandle
ExitProcess
GetProcAddress
VirtualFree
VirtualAlloc
GetCommandLineA
RaiseException
IsValidCodePage
IsBadCodePtr
advapi32
RegCreateKeyExA
CryptAcquireContextA
RegCreateKeyA
RegDeleteValueA
RegEnumKeyExA
IsValidSid
RegDeleteKeyA
RegQueryInfoKeyA
RegQueryValueExA
RegCloseKey
mpr
WNetOpenEnumA
WNetEnumResourceA
WNetGetUniversalNameA
WNetCloseEnum
user32
InsertMenuItemA
GetKeyboardLayout
GetDesktopWindow
DestroyCursor
CreateWindowExA
GetMenuState
GetClipboardFormatNameA
MoveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetKeyNameTextA
TrackPopupMenuEx
MapWindowPoints
GetMenuItemID
ReleaseCapture
SendMessageA
GetClassInfoA
GetMenu
IsChild
GetWindowLongA
GetParent
LoadAcceleratorsA
TrackPopupMenu
SetCursor
SetRectEmpty
CallNextHookEx
ClientToScreen
SetCapture
MessageBoxA
IsRectEmpty
AdjustWindowRectEx
GetKeyState
RegisterClassA
LoadMenuA
IsWindowVisible
RegisterClipboardFormatA
GetCursorPos
SetWindowPos
TranslateMessage
SetWindowLongA
DefWindowProcA
DrawIcon
RegisterClassExA
DestroyWindow
ShowWindow
DeleteMenu
oleaut32
LoadTypeLi
shell32
DragAcceptFiles
SHGetPathFromIDListA
Shell_NotifyIconA
SHBrowseForFolderA
Sections
.text Size: 80KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 68KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ