28050f0d5cbf5a95eb0c302b593766ba_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

28050f0d5cbf5a95eb0c302b593766ba_JaffaCakes118
Size

336KB
MD5

28050f0d5cbf5a95eb0c302b593766ba
SHA1

e2e136629b57f0b1e9e64520a2f3267655e578ca
SHA256

963fe391c6c881ea31ecbb851129ac50695f784f04e2d06b7d5806de50825ccd
SHA512

2ae41565ce596581e2b93ec5cea98b73b6af6fc19c6b8cf78d4595fc6fc67d45bb658b508e666ccc020357631e1e6177835fcc6bb9091f7541b388eb8e0ee909
SSDEEP

6144:nCeUU39eSzwGMCbjqW/xxMEI+4sqnxMZ0F:CTU3gSzwGMCbOWnPI+E80

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28050f0d5cbf5a95eb0c302b593766ba_JaffaCakes118

Files

28050f0d5cbf5a95eb0c302b593766ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b537ce03e6d457826d86ccbd188fc805

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
WriteFile
WaitForSingleObject
VirtualQuery
Sleep
SizeofResource
SetThreadPriority
SetFilePointer
SetEvent
SetEndOfFile
ResetEvent
ReadFile
LockResource
LoadResource
LeaveCriticalSection
InitializeCriticalSection
GetVersionExA
GetThreadLocale
GetStringTypeExA
GetStdHandle
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCPInfo
GetACP
FormatMessageA
FindResourceA
EnumCalendarInfoA
EnterCriticalSection
DeleteCriticalSection
CreateThread
CreateFileA
CreateEventA
CompareStringA
CloseHandle
Sleep

user32

GetKeyboardType
LoadStringA
MessageBoxA
CharNextA
AnimateWindow
SetWindowTextA
SetTimer
SetDlgItemTextA
SendMessageA
ReleaseDC
MessageBoxA
MessageBeep
LoadStringA
LoadIconA
KillTimer
InvalidateRect
GetWindowTextLengthA
GetWindowTextA
GetSystemMetrics
GetDlgItemTextA
GetDlgItem
GetClientRect
FillRect
EndDialog
DialogBoxParamA
DefWindowProcA
CharNextA
CharLowerA
CharToOemA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

gdi32

TextOutA
SetTextColor
SetPixelV
SetBkMode
SelectObject
SelectClipRgn
MoveToEx
LineTo
GetTextExtentPoint32A
GetStockObject
ExtTextOutA
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePen
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt

winmm

waveOutGetPosition
waveOutReset
waveOutWrite
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutClose
waveOutOpen

Sections

.LUC
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.LUC
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.LUC
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.LUC
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.LUC
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.LUC
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b537ce03e6d457826d86ccbd188fc805

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

gdi32

winmm

Sections

.LUC Size: 100KB - Virtual size: 100KB

.LUC Size: 4KB - Virtual size: 4KB

.LUC Size: 36KB - Virtual size: 36KB

.LUC Size: 8KB - Virtual size: 8KB

.LUC Size: 12KB - Virtual size: 12KB

.rsrc Size: 144KB - Virtual size: 144KB

.LUC Size: 24KB - Virtual size: 24KB

.avc Size: 4KB - Virtual size: 4KB

.LUC
Size: 100KB - Virtual size: 100KB

.LUC
Size: 4KB - Virtual size: 4KB

.LUC
Size: 36KB - Virtual size: 36KB

.LUC
Size: 8KB - Virtual size: 8KB

.LUC
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 144KB - Virtual size: 144KB

.LUC
Size: 24KB - Virtual size: 24KB

.avc
Size: 4KB - Virtual size: 4KB