35b7887733898f3740d9d356687009e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

35b7887733898f3740d9d356687009e6_JaffaCakes118
Size

232KB
MD5

35b7887733898f3740d9d356687009e6
SHA1

c03b466d74e0da5e01f1d536b9e8bfde4426ea2a
SHA256

2db85fcb99147a098581e81f6dea211811431e06a416c24aeb6d7887af07adad
SHA512

b2da358d75f43027beaba603aa6cf126311bba7f70a915becb734095fc9d048c9f4e73c17f9c5579030d32d7480d53b241b4faa3756c0eee3de1c2f3bb9552d1
SSDEEP

3072:Ygb5VRh/ITc/Tvx1Kp8IJcmPicvGN6MoD2TkgnUAQ4lAdwHSnvtHPCjxwVeXr1zP:Ygb5V7IIbwPxGN6STkAUr4TtXr1zP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35b7887733898f3740d9d356687009e6_JaffaCakes118

Files

35b7887733898f3740d9d356687009e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b083a5c3f096cc9fc1461bb924875a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

hydrahlp

HydraHelp

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

ord17
PropertySheetA

kernel32

GlobalAlloc
GetModuleFileNameA
GetLastError
CreateMutexA
GetUserDefaultLangID
GlobalFindAtomA
GlobalDeleteAtom
GlobalAddAtomA
LoadLibraryA
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
OpenProcess
CloseHandle
GetModuleHandleA
GlobalLock
lstrcatA
GlobalUnlock
GlobalFree
lstrcpyA
lstrlenA
Sleep
WinExec
LocalAlloc
LocalFree
lstrcmpA
GetCurrentThreadId
GetCurrentProcess
FreeLibrary
FindResourceA
LoadResource
LockResource
GetVersionExA
SetFilePointer
SetStdHandle
ReadFile
FlushFileBuffers
GetStringTypeW
WriteFile
GetStringTypeA
VirtualAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
GetOEMCP
GetACP
GetCPInfo
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
HeapReAlloc

user32

IsDlgButtonChecked
ShowWindow
CheckDlgButton
GetParent
PostMessageA
DestroyWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
SendDlgItemMessageA
wsprintfA
IsChild
CallNextHookEx
LoadStringA
EnableWindow
KillTimer
UnhookWindowsHookEx
FindWindowA
CreateWindowExA
EnumChildWindows
SetWindowsHookExA
GetDlgItem
GetWindowRect
LoadImageA
SendMessageA
MessageBoxA
DialogBoxIndirectParamA
EnumDisplaySettingsA
SetDlgItemTextA
GetWindowLongA
CharNextA
DefWindowProcA
PostQuitMessage
LoadIconA
RegisterClassExA
GetMessageA
TranslateMessage
DispatchMessageA
LoadCursorA
SetCursor
GetDesktopWindow
GetDC
ReleaseDC
UnregisterHotKey
RegisterHotKey
OffsetRect
IntersectRect
EndDialog
SetWindowTextA
GetClassNameA
GetDlgCtrlID
GetWindowThreadProcessId
GetSystemMetrics
SystemParametersInfoA

gdi32

CreateCompatibleDC
GetClipBox
GetDCOrgEx
GetStockObject
CreateCompatibleBitmap
SelectObject
StretchBlt
SetBkMode
CreateFontIndirectA
GetTextExtentPoint32A
TextOutA
DeleteObject
ExtEscape
CreateDCA
DeleteDC

comdlg32

GetOpenFileNameA

advapi32

RegEnumKeyExA
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA

shell32

ShellExecuteA

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b083a5c3f096cc9fc1461bb924875a5

Headers

File Characteristics

Imports

hydrahlp

version

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 73KB

.rsrc Size: 132KB - Virtual size: 128KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 73KB

.rsrc
Size: 132KB - Virtual size: 128KB