369b7168724de642459361d6e5cbc046_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

369b7168724de642459361d6e5cbc046_JaffaCakes118
Size

450KB
MD5

369b7168724de642459361d6e5cbc046
SHA1

9f2753c350ad05a931f9a9816c3c784fa8079671
SHA256

04dd21ec82a19f904e4b2a14ad43a8ab94f1f1e4879e3ee7605a4e6c865b3cad
SHA512

a44d0a56dabae6a2f41507d45ffbab300e80f41d9669d04f032757a5c7306e9442e17f7fcc9c32dac94d651c78a908d70ad9b051de7551fc7a3ed616c382cf39
SSDEEP

6144:1w0fCXxMR8+LoIq6yvSPRIgdHwOxQf6i/PzWS0f57BKVTwglffmki8zfedvJ:18Me+L6SpHQFzWS0f57BKV84i8redvJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
369b7168724de642459361d6e5cbc046_JaffaCakes118

Files

369b7168724de642459361d6e5cbc046_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b32d669fbdc0c68a6fd8390c74e22a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupSecurityDescriptorPartsW
LookupAccountNameA
RegCreateKeyA
GetUserNameA
InitializeSecurityDescriptor
GetUserNameW
RegDeleteKeyA
RegQueryValueA
RegSetValueExA
RegOpenKeyA
CryptEnumProvidersW

comctl32

InitCommonControlsEx

user32

SetParent
ToUnicode
RegisterClassA
OpenClipboard
MonitorFromPoint
RegisterClassExA
MessageBoxExA
EnumThreadWindows
ValidateRect
MapVirtualKeyExW
FillRect
GetSystemMetrics
GetAltTabInfo
GetCursor
EndTask
ChangeDisplaySettingsW
DlgDirSelectComboBoxExW

kernel32

GetTickCount
MultiByteToWideChar
FreeEnvironmentStringsA
WaitForMultipleObjects
GetFileType
GetProcAddress
GetStartupInfoA
MoveFileExA
GetModuleFileNameA
GetLastError
GetSystemTime
DeleteCriticalSection
GetCommandLineW
TlsSetValue
IsBadWritePtr
HeapDestroy
VirtualAlloc
CreateProcessW
ReadFile
InterlockedExchange
GetEnvironmentStringsW
GlobalAddAtomA
TerminateProcess
HeapCreate
SetFilePointer
WriteFile
GetStringTypeA
FileTimeToSystemTime
GetProfileSectionA
GetVersion
TlsAlloc
CloseHandle
OpenMutexA
GetModuleFileNameW
VirtualFree
EnumTimeFormatsA
CreateMutexA
GetCurrentProcessId
GetStringTypeW
GlobalCompact
GetConsoleCP
GetTimeZoneInformation
UnhandledExceptionFilter
RtlUnwind
CreateSemaphoreA
LeaveCriticalSection
GetExitCodeThread
SetEnvironmentVariableA
FreeEnvironmentStringsW
EnterCriticalSection
InterlockedIncrement
GetCPInfo
InterlockedDecrement
WriteProfileStringW
InitializeCriticalSection
LCMapStringW
GetStdHandle
TlsFree
CompareStringA
HeapFree
GetCommandLineA
GetNamedPipeHandleStateW
VirtualQuery
CompareStringW
WideCharToMultiByte
TlsGetValue
LCMapStringA
GetModuleHandleA
SetLastError
QueryPerformanceCounter
GetCurrentProcess
HeapReAlloc
CreateNamedPipeA
GetStartupInfoW
GetLocalTime
LocalAlloc
LoadLibraryA
GetCurrentThreadId
ExitProcess
GetEnvironmentStrings
SetStdHandle
GetSystemTimeAsFileTime
GetSystemDefaultLCID
SetHandleCount
FlushFileBuffers
GetCurrentThread
HeapAlloc

shell32

SHGetSettings
SHGetMalloc

Sections

.text
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b32d669fbdc0c68a6fd8390c74e22a3

Headers

File Characteristics

Imports

advapi32

comctl32

user32

kernel32

shell32

Sections

.text Size: 284KB - Virtual size: 283KB

.rdata Size: 4KB - Virtual size: 9KB

.data Size: 151KB - Virtual size: 151KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 284KB - Virtual size: 283KB

.rdata
Size: 4KB - Virtual size: 9KB

.data
Size: 151KB - Virtual size: 151KB

.rsrc
Size: 9KB - Virtual size: 8KB