19e74c35708be7e855711772ef639114_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

19e74c35708be7e855711772ef639114_JaffaCakes118
Size

252KB
MD5

19e74c35708be7e855711772ef639114
SHA1

bfb06338f849d81cf4b43a9facfdea41c6e7bafe
SHA256

6be676a71dbef90f7337bca5ee7df6b98578273022cad75d99cdbe62df67ca88
SHA512

e758e4a13301c88f42b40bcd35f7ad4a3d41a4d6adb0bc441bb100e4f3a5b01899c3c90ccbce20c251bc72d52467aef21a4419e7f2464b9fcd468b11fbef6da5
SSDEEP

6144:RfqVGhzLYSE1WI4Cpj7f/2pfaxl9IfgViXEVnHD:VEG5LYS8WqBHt1IfgJHD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19e74c35708be7e855711772ef639114_JaffaCakes118

Files

19e74c35708be7e855711772ef639114_JaffaCakes118
.exe windows:4 windows x86 arch:x86

755126831b813abfc58092634e4044b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
ExitProcess
GetSystemDirectoryW
GetLongPathNameW
GetCurrentThreadId
GetVersionExA
GetProcessHeap
GetLastError
TlsAlloc
GetCurrentThread
FileTimeToSystemTime
FileTimeToLocalFileTime
Sleep
GetEnvironmentVariableA
HeapCreate
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
FreeLibrary
LoadLibraryA
InitializeCriticalSection
MultiByteToWideChar
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetStringTypeW
LoadLibraryW
GetLocaleInfoA
GetLocaleInfoW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatA
GetDateFormatA
Beep
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
CreateDirectoryA
RemoveDirectoryA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
MoveFileA
RaiseException
GetExitCodeProcess
WaitForSingleObject
GetSystemInfo
DuplicateHandle
CreatePipe
SystemTimeToFileTime
GetVersion
GetProcAddress

samlib

SamCloseHandle
SamFreeMemory

user32

SetForegroundWindow
RegisterClassA
AppendMenuW
DialogBoxIndirectParamA
RemoveMenu
EmptyClipboard
SetWindowLongW
UnregisterClassW
SetCapture
RegisterClassExW
OffsetRect
GetClassInfoW
IsChild
OpenClipboard
GetKeyboardType
CharPrevW
MonitorFromWindow
DestroyIcon
wsprintfW
SendDlgItemMessageW
SendDlgItemMessageA
EnumClipboardFormats
GetCapture
IsDlgButtonChecked
RegisterWindowMessageW
GetMenuInfo
LoadMenuA
WaitForInputIdle
LoadIconA
GetMenuItemRect
LoadBitmapW
wvsprintfA
SetCursorPos
LoadCursorA
LoadCursorW
GetClassInfoExA
SetTimer

gdi32

AddFontResourceW
GetMetaFileA
CreateBrushIndirect
CreateICW
CreateFontIndirectW
AddFontResourceA
RemoveFontResourceW

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.QiuSS
Size: 1KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hk
Size: 74KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rkfY
Size: 2KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.YbWCgr
Size: 144KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

755126831b813abfc58092634e4044b4

Headers

File Characteristics

Imports

kernel32

samlib

user32

gdi32

Sections

.text Size: 12KB - Virtual size: 12KB

.QiuSS Size: 1KB - Virtual size: 70KB

.hk Size: 74KB - Virtual size: 156KB

.rdata Size: 3KB - Virtual size: 49KB

.rkfY Size: 2KB - Virtual size: 320KB

.data Size: 6KB - Virtual size: 149KB

.YbWCgr Size: 144KB - Virtual size: 162KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 12KB - Virtual size: 12KB

.QiuSS
Size: 1KB - Virtual size: 70KB

.hk
Size: 74KB - Virtual size: 156KB

.rdata
Size: 3KB - Virtual size: 49KB

.rkfY
Size: 2KB - Virtual size: 320KB

.data
Size: 6KB - Virtual size: 149KB

.YbWCgr
Size: 144KB - Virtual size: 162KB

.rsrc
Size: 7KB - Virtual size: 7KB