37107dc26c8c44c42eab5b6c581a334a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37107dc26c8c44c42eab5b6c581a334a_JaffaCakes118
Size

584KB
MD5

37107dc26c8c44c42eab5b6c581a334a
SHA1

abe5df70d315fa1c01cbb2b490ce7f5ef59bac34
SHA256

565dd0b870218c35f3f4273b0b209a0156bdc54b24408c184a5c8da3075fe3de
SHA512

6a83c682de7ea494a3d01fa4126feb635d0fca6eac0865a1d446228872a03f77780771807216155db9c8496f99ab78f59d222489e80ea74b34138f87f2a3bdec
SSDEEP

12288:CBSGvBLdpbgKBoX3VQMxr176Ff4QAajj+0fp8/:iBLdpkeonVQur176FMalfp8/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37107dc26c8c44c42eab5b6c581a334a_JaffaCakes118

Files

37107dc26c8c44c42eab5b6c581a334a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f0bb6c5a6f9f265222afa1b4322bf8f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\tvmi.pdb

Imports

kernel32

GetCommandLineA
LocalFlags
TlsGetValue
GetModuleFileNameA
InitializeCriticalSection
SetEnvironmentVariableA
CreateProcessW
InterlockedDecrement
LCMapStringA
WriteFile
GetStringTypeW
RtlUnwind
GetStdHandle
IsBadReadPtr
InterlockedExchangeAdd
GetSystemTimeAsFileTime
HeapDestroy
LoadLibraryA
GetCurrentThreadId
GetProfileIntA
VirtualAlloc
GetStringTypeA
HeapReAlloc
MultiByteToWideChar
SetConsoleCtrlHandler
GetEnvironmentStrings
VirtualQuery
GetVersion
CreateToolhelp32Snapshot
CompareStringA
HeapValidate
GetTickCount
GetOEMCP
LeaveCriticalSection
TlsSetValue
TerminateProcess
CompareStringW
EnterCriticalSection
QueryPerformanceCounter
GetStartupInfoA
VirtualFreeEx
OutputDebugStringA
FlushFileBuffers
GetStartupInfoW
SetStdHandle
IsBadWritePtr
VirtualFree
GetSystemTime
lstrlenW
TlsFree
FreeLibrary
LoadLibraryW
SetFilePointer
OpenMutexA
GetModuleHandleA
InterlockedIncrement
GetCPInfo
CopyFileExA
GetFileType
HeapCreate
GetEnvironmentStringsW
HeapAlloc
GetAtomNameW
GetEnvironmentStringsA
GetLocalTime
UnhandledExceptionFilter
WideCharToMultiByte
GetLastError
SetHandleCount
CreateMutexA
CloseHandle
EnumCalendarInfoExA
GetCurrentProcessId
GetCurrentProcess
lstrcmpA
TlsAlloc
FreeEnvironmentStringsW
DeleteCriticalSection
ReadFile
HeapFree
SetLastError
GetTimeZoneInformation
ExitProcess
GetCurrentThread
InterlockedExchange
FreeEnvironmentStringsA
GetACP
GetProcAddress
LCMapStringW
DebugBreak

user32

SetPropA
MessageBoxW
DestroyWindow
SetWindowContextHelpId
SendDlgItemMessageW
EndDialog
DdeGetLastError
CallMsgFilter
LoadStringW
VkKeyScanA
CloseDesktop
RegisterClassExA
ScrollDC
ClipCursor
CreateMenu
SetDlgItemInt
GetInputDesktop
GetProcessDefaultLayout
GetSysColor
GetScrollBarInfo
GetClassInfoW
CreateWindowExA
GetInputState
IsWindowUnicode
SetFocus
SetMenu
SetForegroundWindow
DefWindowProcW
DlgDirListA
DdeInitializeA
EndDeferWindowPos
GetIconInfo
TabbedTextOutW
EnumDisplaySettingsExW
DestroyIcon
ChangeDisplaySettingsA
GetClassNameW
AnyPopup
DdeCreateStringHandleA
DdeFreeDataHandle
IsCharLowerA
IntersectRect
RegisterClassA
SetProcessWindowStation
GetUserObjectInformationA
GetClipboardViewer
MessageBoxA
EnableScrollBar
DefMDIChildProcA
RegisterClassExW
DdeDisconnect
SetTimer
DdeAccessData
UnloadKeyboardLayout
GetWindowLongW
InvalidateRgn
ShowWindow

comctl32

ImageList_GetImageCount
GetEffectiveClientRect
ImageList_ReplaceIcon
ImageList_SetFilter
ImageList_SetBkColor
ImageList_DragShowNolock
InitCommonControlsEx
CreateUpDownControl

wininet

InternetDialW
InternetReadFile
FindNextUrlCacheContainerW
FtpCommandA
SetUrlCacheEntryGroupA

Sections

.text
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0bb6c5a6f9f265222afa1b4322bf8f0

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

wininet

Sections

.text Size: 200KB - Virtual size: 197KB

.rdata Size: 248KB - Virtual size: 246KB

.data Size: 112KB - Virtual size: 125KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 200KB - Virtual size: 197KB

.rdata
Size: 248KB - Virtual size: 246KB

.data
Size: 112KB - Virtual size: 125KB

.rsrc
Size: 20KB - Virtual size: 16KB