222e37278ec6fd6e0969703060c577da_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

222e37278ec6fd6e0969703060c577da_JaffaCakes118
Size

282KB
MD5

222e37278ec6fd6e0969703060c577da
SHA1

423443d536872be348a94a2f7923185f98466cd9
SHA256

0ffc8ae0c7e42d6fde41018147292168fad24e063ff4b89aee524e0123326d44
SHA512

188ca242615c90e5443cbd93eee8d0bcf5a00afde131da9c6dfdeb3a2d42c3c7c4dd580135eee5a727bbaa1f80668c1361db170067b0c74f4075b9fbe2de0e3f
SSDEEP

6144:W3e02IjvTM6ktZrWHUONvU6x5ehO4kB+Pl888888888888W88888888888g:WDTvTMtZrrONvHWOA888888888888W8o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
222e37278ec6fd6e0969703060c577da_JaffaCakes118

Files

222e37278ec6fd6e0969703060c577da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

67b16648bac92ef545264831e78e6cb0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

kernel32

CloseHandle
CompareStringW
CreateEventW
CreateFileA
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
EnumCalendarInfoA
ExitProcess
FindClose
FindFirstFileW
FormatMessageW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleWindow
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceW
GetEnvironmentStrings
GetEnvironmentVariableA
GetFileAttributesA
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetSystemInfo
GetThreadLocale
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVersionExW
GetWindowsDirectoryA
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
IsDebuggerPresent
IsValidLocale
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
MultiByteToWideChar
RaiseException
ReadFile
ResetEvent
RtlUnwind
SetConsoleCtrlHandler
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetThreadLocale
SignalObjectAndWait
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcatA
lstrcpyA
lstrcpynW
lstrlenW

shell32

ShellExecuteA

user32

CharNextW
CharToOemW
CharUpperBuffW
EnumThreadWindows
GetKeyboardType
GetSystemMetrics
LoadStringW
MessageBoxA
MessageBoxW
ShowWindow
wsprintfA

oleaut32

SafeArrayCreate
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SysAllocStringLen
SysFreeString
SysReAllocStringLen
VariantChangeType
VariantClear
VariantCopy
VariantInit

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 201KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67b16648bac92ef545264831e78e6cb0

Headers

File Characteristics

Imports

advapi32

kernel32

shell32

user32

oleaut32

Exports

Exports

Sections

.text Size: 201KB - Virtual size: 204KB

.data Size: 26KB - Virtual size: 64KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 38KB - Virtual size: 40KB

.reloc Size: 11KB - Virtual size: 12KB

.text
Size: 201KB - Virtual size: 204KB

.data
Size: 26KB - Virtual size: 64KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 38KB - Virtual size: 40KB

.reloc
Size: 11KB - Virtual size: 12KB