250072abe9389f1cfa48d2d8187e35aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

250072abe9389f1cfa48d2d8187e35aa_JaffaCakes118
Size

400KB
MD5

250072abe9389f1cfa48d2d8187e35aa
SHA1

e891c6925a669580b812b66fc70eada2fedf4b14
SHA256

7fc788e2c8962616657e3c7b45f7eaf1da8420d02b76ca5c90995ca2e7b64851
SHA512

4a67dbbf3508b85060d6f9aa075f5c7df512275a0afdccdffa0c687658ffdf16a2228d421943fed33b4eef2d3328218e3edf623e90b327c0afe217d212607d50
SSDEEP

12288:nX0nbu2wFss5NdHHr1P0bcdNx3VpzvMf+NYTsgUy2BOyY:Ua2wFss5Ndnx04XVpDtFB4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
250072abe9389f1cfa48d2d8187e35aa_JaffaCakes118

Files

250072abe9389f1cfa48d2d8187e35aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ca5418b6c68c9afa6a8897ee877e58d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GetVersionExA
lstrcmpiA
FindResourceA
FindResourceW
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
lstrcmpiW
InitializeCriticalSection
HeapFree
GetProcessHeap
HeapAlloc
GetProcAddress
EnterCriticalSection
LoadResource
QueryPerformanceCounter
Sleep
CreateEventW
GetCurrentThreadId
CreateThread
SetEvent
GetComputerNameW
GetCurrentProcessId
WaitForSingleObject
GetCurrentThread
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
LCMapStringW
GetModuleHandleA
SizeofResource
GlobalAlloc
FreeLibrary
GlobalLock
GlobalUnlock
LeaveCriticalSection
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
InterlockedDecrement
InterlockedIncrement
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LocalFree
GetModuleHandleW
FormatMessageW
GetLastError
CloseHandle
LocalAlloc
VirtualProtect
GetTickCount
GetStartupInfoA

user32

wvsprintfW
CreateWindowExA
AppendMenuW
AppendMenuA
SetFocus
GetClientRect
IsWindow
CreatePopupMenu
TrackPopupMenu
DestroyMenu
ShowWindow
DestroyWindow
FillRect

advapi32

QueryServiceStatus
StartServiceA
ControlService
CloseServiceHandle
RegOpenKeyExW
RegCloseKey
RegEnumKeyExW
RegCreateKeyExW
RegQueryValueExW
OpenSCManagerW
RegSetValueExW
RegDeleteValueW
AdjustTokenPrivileges
RegCreateKeyExA
RegEnumKeyExA
RegOpenKeyExA
GetTokenInformation
OpenThreadToken
OpenServiceA

gdi32

GetStockObject
Rectangle

ole32

OleRun
CreateBindCtx
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
CoUninitialize
CoQueryProxyBlanket
CoCreateInstanceEx
GetHGlobalFromStream

rpcrt4

RpcStringFreeW
UuidToStringW
UuidCreate

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_adjust_fdiv
wcstombs
strncpy
mbstowcs
vswprintf
__CxxFrameHandler
time
_except_handler3
wcslen
_wtol
wcscat
_itow
wcsstr
_wcsicmp
wcschr
wcsncat
mktime
wcscpy
_itoa
realloc
malloc
free

msvcp60

?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 339KB - Virtual size: 677KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca5418b6c68c9afa6a8897ee877e58d2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

rpcrt4

msvcrt

msvcp60

Sections

.text Size: 54KB - Virtual size: 53KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 339KB - Virtual size: 677KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 54KB - Virtual size: 53KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 339KB - Virtual size: 677KB

.rsrc
Size: 1KB - Virtual size: 1KB