32d598e2bbdcd734851e04fb0155c564_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

32d598e2bbdcd734851e04fb0155c564_JaffaCakes118
Size

500KB
MD5

32d598e2bbdcd734851e04fb0155c564
SHA1

becffbd8fc570c7024404917512f5556fc79045b
SHA256

d418916f094ba8f74321f7b6dcff5cafa0dd6ca844c8e042ca023d9ec5e4de9a
SHA512

de5552c0d7e41ba2eed04218e2945b2f3598276ee1020fd94f45bbca5122378f0d083dbcc3f754955c6da3deca94c36524fc659580e7dbfaaa901d01f236dd88
SSDEEP

12288:/bXqbxoq8sV+emirR+urPUV1Z0O6ei05ganolTAOiR:/byoo+eoI86OQa8UZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32d598e2bbdcd734851e04fb0155c564_JaffaCakes118

Files

32d598e2bbdcd734851e04fb0155c564_JaffaCakes118
.exe windows:5 windows x86 arch:x86

462dae539bbdac71f25c24d3fe747d25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
DeleteDC
CreateCompatibleDC
BitBlt
SelectObject

kernel32

WideCharToMultiByte
GetEnvironmentStrings
GetModuleHandleW
GetACP
CloseHandle
ReadFile
GetModuleHandleA
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
GetCommandLineA
HeapSize
GetCurrentDirectoryA
GetCommandLineW
SetFileTime
GetCurrentProcessId
SizeofResource
lstrlenW
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
HeapCreate
LoadLibraryExW
GetLastError
LeaveCriticalSection
ExitProcess
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
ExpandEnvironmentStringsA
DuplicateHandle
FindFirstFileW
CompareStringA
FindFirstFileA
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
GetWindowsDirectoryA
DeleteFileA
LCMapStringW
GetFileSize
GetStartupInfoA
FreeLibrary
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
GetVersionExW
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
SetCurrentDirectoryA
InterlockedIncrement
GetCurrentThreadId
GetLocaleInfoA
SetEndOfFile
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
MultiByteToWideChar
TlsGetValue
UnhandledExceptionFilter
GetModuleFileNameA
GetVersionExA
HeapAlloc
IsDebuggerPresent
VirtualProtect
GetModuleFileNameW
SetLastError
OutputDebugStringA
FormatMessageA
InterlockedDecrement
FindClose
GetLocalTime
LoadResource
InitializeCriticalSection
LocalFree
GetOEMCP
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
GetTimeZoneInformation
WriteFile
InterlockedExchange
GetStringTypeA
GetCPInfo
SetStdHandle
FreeEnvironmentStringsW
SetErrorMode
CreateFileA
lstrcatA
LocalAlloc
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetExitCodeProcess
GetFileAttributesW
HeapDestroy
FindNextFileA
GetDriveTypeA
LockResource
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
GetEnvironmentVariableA
RtlUnwind
VirtualAlloc
FindResourceA
Sleep
VirtualFree
VirtualQuery
UnmapViewOfFile
GlobalLock

user32

MessageBoxA
MoveWindow
FillRect
EndDialog
DrawTextA
SetForegroundWindow
GetDesktopWindow
LoadIconA
LoadCursorA
ScreenToClient
GetDlgItem
CreateWindowExA
wsprintfA
SetWindowTextA
SetWindowLongA
ReleaseCapture
SetCapture
GetWindowRect
GetSystemMetrics
DefWindowProcA
KillTimer
BeginPaint
PeekMessageA
SetFocus
SetTimer
GetWindowLongA
RegisterClassA
EnableMenuItem
LoadStringA
GetWindow
TranslateMessage
SetWindowPos
EnableWindow
ShowWindow
UpdateWindow
GetParent
DestroyWindow
GetCursorPos
GetDC
EndPaint
DispatchMessageA
IsWindow
ReleaseDC
PostQuitMessage
DestroyMenu
SystemParametersInfoA
GetFocus
InvalidateRect
SendMessageA
GetClientRect
SetCursor
GetSysColor

advapi32

RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

462dae539bbdac71f25c24d3fe747d25

Headers

File Characteristics

Imports

gdi32

kernel32

user32

advapi32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 444KB - Virtual size: 443KB

.data Size: 24KB - Virtual size: 23KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 444KB - Virtual size: 443KB

.data
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 3KB