07f7528c1e3009c831ca275961dab93a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07f7528c1e3009c831ca275961dab93a_JaffaCakes118
Size

117KB
MD5

07f7528c1e3009c831ca275961dab93a
SHA1

d42dd54c189ec1f1cf248d7a4fea13e7022fa7bd
SHA256

4ee5c97120869fd18cd480e133742c81628a217b1ddb34cac400d027837be55e
SHA512

ba627736e19f18678c9c679145932d72b937a8313467c8b097ca22532bc0301e58985c21984a5f52041c9ea0c96eef130367e7a9b1e465fa1a858b841286f418
SSDEEP

1536:Ym9fTctYw9vU5DmG9Og96C5ENAulHbohPNCm2vwNOEhTt/A7L8+5k8Wbt:N97ud9ezOgYCgrl7OPkmEw4ExtN/8g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07f7528c1e3009c831ca275961dab93a_JaffaCakes118

Files

07f7528c1e3009c831ca275961dab93a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f0a14b9185e1cf0a6c881b07962b180

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
ImageList_LoadImageW
ImageList_Destroy

kernel32

WaitForSingleObject
CreateMutexA
GetCurrentProcessId
LoadLibraryExA
GetModuleHandleA
GetSystemDirectoryA
GetVersionExA
GetFileAttributesA
GetLocaleInfoA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
Sleep
GetDriveTypeA
GetStdHandle
WriteFile
ExitProcess
IsValidCodePage
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapSize
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ReleaseMutex
HeapDestroy
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualProtect
GetFullPathNameA
RtlUnwind
HeapReAlloc
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetACP
InterlockedExchange
GetSystemTimeAsFileTime
SetEnvironmentVariableA
SetEnvironmentVariableW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
CompareStringA
CompareStringW
CloseHandle
GetProcAddress
GetModuleFileNameA
GetThreadLocale
SetThreadLocale
GetModuleHandleW
LoadLibraryExW
SizeofResource
FreeLibrary
GetModuleFileNameW
lstrcmpW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
GlobalHandle
GlobalFree
LoadResource
LockResource
GlobalLock
GetTickCount
GlobalUnlock
GetCurrentThreadId
SetLastError
MulDiv
FindResourceW
GlobalAlloc
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
SetErrorMode
FindFirstFileA
FindNextFileA
FindClose
lstrcmpiW
DeleteCriticalSection
InitializeCriticalSection
GetLastError
WideCharToMultiByte
lstrlenA
OutputDebugStringW
DebugBreak
InterlockedIncrement
InterlockedDecrement
lstrlenW
MultiByteToWideChar
RaiseException
WriteConsoleW
CreateFileA
FlushFileBuffers
HeapCreate

comdlg32

CommDlgExtendedError
GetOpenFileNameW

ole32

OleRegEnumVerbs
CreateOleAdviseHolder
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleRegGetUserType
StringFromGUID2
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
OleRegGetMiscStatus
WriteClassStm
CreateDataAdviseHolder
OleSaveToStream
ReadClassStm
OleLockRunning

oleaut32

SysAllocString
VarBstrCmp
RegisterTypeLi
UnRegisterTypeLi
OleCreatePropertyFrame
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VarUI4FromStr
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
SysStringLen
VariantChangeType
OleTranslateColor
SysFreeString
VariantClear
VariantInit

Sections

.text
Size: 66KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.abss
Size: - Virtual size: 168KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.atls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.shared
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f0a14b9185e1cf0a6c881b07962b180

Headers

File Characteristics

Imports

comctl32

kernel32

comdlg32

ole32

oleaut32

Sections

.text Size: 66KB - Virtual size: 80KB

.abss Size: - Virtual size: 168KB

.pdata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.atls Size: 4KB - Virtual size: 4KB

.shared Size: 4KB - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 22KB - Virtual size: 21KB

.reloc Size: 4KB - Virtual size: 264B

.text
Size: 66KB - Virtual size: 80KB

.abss
Size: - Virtual size: 168KB

.pdata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.atls
Size: 4KB - Virtual size: 4KB

.shared
Size: 4KB - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 22KB - Virtual size: 21KB

.reloc
Size: 4KB - Virtual size: 264B