193243bcdfa79a0e1cc63621720a2fcb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

193243bcdfa79a0e1cc63621720a2fcb_JaffaCakes118
Size

84KB
MD5

193243bcdfa79a0e1cc63621720a2fcb
SHA1

743c780a1d0fc692535d8c8ac6d5fd945909311a
SHA256

f3d3842845a0d736553aec63d6f3b8873b14ca2cacd6e0e63ee7add938b04f24
SHA512

271aaaf737bc814dd7c62dca1fd130113dfd6645e73b8677a4b8f89090cf771a007c0be1cb479f0d290acdd5188a78d881681cb9f77e6d0c880530fbeaf449d7
SSDEEP

768:T93wNtx4eiXK2eJS5yUM1rQd/oxfnd3253qmPerYon2OwLHha2m0JhtnQYZYo1he:TNwGRK2Ot1UFoD2ZAbeHZrQqf5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
193243bcdfa79a0e1cc63621720a2fcb_JaffaCakes118

Files

193243bcdfa79a0e1cc63621720a2fcb_JaffaCakes118
.exe windows:6 windows x86 arch:x86

c662191c5d8750c76014eea6bcc3ff3f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

isoburn.pdb

Imports

advapi32

EventEnabled
RegCloseKey
RegEnumKeyW
RegOpenKeyExW
EventRegister
EventUnregister
EventWrite

kernel32

lstrlenW
LeaveCriticalSection
EnterCriticalSection
CreateThread
FlushInstructionCache
GetCurrentProcess
RaiseException
GetCurrentThreadId
GetTickCount64
GetLastError
GetVolumePathNamesForVolumeNameW
LocalFree
FormatMessageW
GetModuleHandleW
CompareStringOrdinal
HeapDestroy
GetStartupInfoW
GetCommandLineW
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
VirtualAlloc
VirtualFree
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
CloseHandle
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
SetLastError
UnhandledExceptionFilter

user32

LoadIconW
RegisterWindowMessageW
GetDesktopWindow
SetWindowTextW
DialogBoxParamW
SetFocus
ShowWindow
SetWindowLongW
LoadStringW
EnableWindow
EndDialog
MessageBoxW
SetDlgItemTextW
SendDlgItemMessageW
SendMessageW
PostMessageW
SetTimer
KillTimer
IsDlgButtonChecked
GetDlgItem

msvcrt

??2@YAPAXI@Z
_controlfp
?terminate@@YAXXZ
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
??_V@YAXPAX@Z
??3@YAXPAX@Z
memset
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_purecall
__getmainargs
isalpha
toupper
_ftol2
_vsnwprintf
??_U@YAPAXI@Z
_cexit

ole32

CoUninitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoGetMalloc
CoInitializeEx

oleaut32

SysAllocString
VariantClear
DispCallFunc
SysStringLen
LoadRegTypeLi
SysFreeString

uxtheme

EnableThemeDialogTexture

shlwapi

ord388
SHRegGetValueW
ord158
PathFindFileNameW

comctl32

ord332
ord386
ord334
ord329
ord328

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vymjuuq
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c662191c5d8750c76014eea6bcc3ff3f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

user32

msvcrt

ole32

oleaut32

uxtheme

shlwapi

comctl32

Sections

.text Size: 26KB - Virtual size: 26KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 55KB - Virtual size: 54KB

.reloc Size: 2KB - Virtual size: 30KB

vymjuuq Size: - Virtual size: 4KB

.text
Size: 26KB - Virtual size: 26KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 55KB - Virtual size: 54KB

.reloc
Size: 2KB - Virtual size: 30KB

vymjuuq
Size: - Virtual size: 4KB