35e757566fe0a55d20ec121813f3dc27_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

35e757566fe0a55d20ec121813f3dc27_JaffaCakes118
Size

104KB
MD5

35e757566fe0a55d20ec121813f3dc27
SHA1

f3e5778935c49df6891c6b88187563148794cc95
SHA256

6720f6db9957f8f1f9020435ac247d8310f0f6b33a7f55c8ff34d4fa37e64d3d
SHA512

7bc7fe79cc0952cc1a4a2c84c3913c692e1eee73ba824307a5a4592a78254060d77053ea021cd53570011a6b0528c88c1c22a10903ff2b5695cbf7fd98035816
SSDEEP

1536:FHSMlpp1cKMtL/mhpmIYcEYnSxkn5j2TQsf2WIlcJos:FHZpIpfoEunpMXf1Ilcys

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35e757566fe0a55d20ec121813f3dc27_JaffaCakes118

Files

35e757566fe0a55d20ec121813f3dc27_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a564d84ae1b88ed40363a93661ab7c65

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateFileW
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
ReleaseMutex
GetLastError
CreateMutexW
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesW
ReadFile
GetFileSize
CreateProcessW
TerminateProcess
GetExitCodeProcess
MultiByteToWideChar
WideCharToMultiByte
GetLongPathNameW
GetTempPathW
GetSystemTime
OpenMutexW
ExpandEnvironmentStringsW
LoadLibraryW
GetPrivateProfileStringW
WritePrivateProfileStringW
RemoveDirectoryW
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
SetFilePointer
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
GetProcAddress
DeleteFileW
GetWindowsDirectoryW
GetSystemDirectoryW
CopyFileW
MoveFileExW
FreeLibrary
GetCommandLineW
WaitForSingleObject
Sleep
CreateThread
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
HeapSize
GetCurrentProcess
HeapReAlloc
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
HeapAlloc
HeapFree
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RaiseException
RtlUnwind
GetLocalTime
GetTimeZoneInformation
SetEnvironmentVariableA

user32

EnableWindow
IsWindow
GetDlgItem
KillTimer
EndDialog
LoadIconW
DialogBoxParamW
SetWindowPos
MoveWindow
GetClientRect
GetSystemMetrics
WaitForInputIdle
GetMessageW
SendMessageW
SetTimer
MessageBoxW
SetWindowTextW
PeekMessageW
TranslateMessage
DispatchMessageW

advapi32

RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegFlushKey
RegCloseKey

shell32

SHGetSpecialFolderPathW

winmm

timeKillEvent
timeEndPeriod
timeBeginPeriod
timeSetEvent
timeGetDevCaps

wininet

InternetOpenW
InternetReadFile
InternetQueryDataAvailable
InternetCloseHandle
InternetOpenUrlW

netapi32

Netbios

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a564d84ae1b88ed40363a93661ab7c65

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

winmm

wininet

netapi32

iphlpapi

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 8KB - Virtual size: 4KB