37b31b62c5a1a52b3f119ddd60b4b6b0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

37b31b62c5a1a52b3f119ddd60b4b6b0_JaffaCakes118
Size

167KB
MD5

37b31b62c5a1a52b3f119ddd60b4b6b0
SHA1

3d8917ed37da0d90d4206ecf9c0a9d9d1991f4e4
SHA256

9890f0dcaeca1d3cc6fd49597d3422edf10a7bf9cf4dbee62e49df0f2116d0d8
SHA512

150f7968ca8949831d997abf9396529a5ad537522e69bf3e9bd1ad98b719b47051f6b12a98bc67b89b4223b460502ddb81833f689a0620b90c21e2065480afb8
SSDEEP

3072:SBUCb0uqzfeisnUfJygVgUw0+yRxLLdX4WHG19bJTgb8hvcN2gFh0DnVQMX955C3:S/bIzBsUfJIp09PXSrl0Qvc9CnpV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37b31b62c5a1a52b3f119ddd60b4b6b0_JaffaCakes118

Files

37b31b62c5a1a52b3f119ddd60b4b6b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

706031f85f421a96bd7e570073af27c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

kernel32

CompareStringW
lstrcpyA
GetStartupInfoA
GlobalFree
ReleaseSemaphore
GetTempFileNameA
SetPriorityClass
GetUserDefaultLCID
HeapReAlloc
IsBadCodePtr
FileTimeToSystemTime
GetThreadIOPendingFlag
GetCurrentThreadId
IsBadReadPtr
LCMapStringW
InterlockedExchange
HeapDestroy
DeleteCriticalSection
GetEnvironmentStrings
WritePrivateProfileStringA
GetModuleFileNameA
GetCurrentProcess
CreateMutexA
TransmitCommChar
HeapCreate
SetStdHandle
LeaveCriticalSection
CloseHandle
TerminateProcess
GetTempPathW
CompareStringA
GetSystemTime
HeapAlloc
OutputDebugStringA
LoadLibraryW
GetFullPathNameA
CreateFileW
Sleep
ExitProcess
FreeLibrary
FlushFileBuffers
GetPriorityClass
SetEndOfFile
TlsSetValue
GetOEMCP
MultiByteToWideChar
FileTimeToLocalFileTime
GetFileType
ResetEvent
EnumResourceNamesW
GetTickCount
GetDiskFreeSpaceExA
GetTimeZoneInformation
InterlockedIncrement
WaitForSingleObject
RtlUnwind
HeapSize
FreeEnvironmentStringsW
GetPrivateProfileStringA
lstrcmpA
GlobalAlloc
SetUnhandledExceptionFilter
GetThreadPriority
TlsFree
InterlockedDecrement
GetFullPathNameW
SetEvent
SetHandleCount
SetLastError
HeapFree
ExitProcess
GetEnvironmentStringsW
MapViewOfFile
FreeEnvironmentStringsA
GetStdHandle
GetModuleHandleA
ExitThread
GetStringTypeW
CreateThread
WriteFile
CreateSemaphoreA
TlsAlloc
LoadLibraryA
GetCommandLineA
GetStringTypeA
IsBadWritePtr
InitializeCriticalSection
WideCharToMultiByte
GetProcAddress
IsDBCSLeadByte
UnhandledExceptionFilter
RaiseException
UnmapViewOfFile
lstrcmpW
GetCPInfo
GetEnvironmentVariableA
GetACP
TlsGetValue
LCMapStringA
CreateFileMappingA
EnterCriticalSection
GlobalUnlock
GetTempPathA
GetLastError
SetEnvironmentVariableA

user32

CharUpperA
GetKeyState
MessageBoxA
wsprintfA
wsprintfW
CharNextA
CharLowerA

shlwapi

PathAddBackslashA

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

706031f85f421a96bd7e570073af27c3

Headers

File Characteristics

Imports

msimg32

kernel32

user32

shlwapi

advapi32

Sections

.text Size: 143KB - Virtual size: 142KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 19KB - Virtual size: 18KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 143KB - Virtual size: 142KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 19KB - Virtual size: 18KB

.crt
Size: 512B - Virtual size: 72KB