37b329b94c501e85f75395a765098dba_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

37b329b94c501e85f75395a765098dba_JaffaCakes118
Size

472KB
MD5

37b329b94c501e85f75395a765098dba
SHA1

3c22553c1dce3cdb5b646989ca7c916e127aebb6
SHA256

92db341b179e56665a394aef897f0869432f00233d4e29915a4007663622a89d
SHA512

7871b0447e2554a2c07363046e62139164cf84071facfc4e6be4c3ad2f60e1a2da69f82a2b50ca0b689e858ade8618f9bf6a71bfe08d3afae85f70473aca4b9d
SSDEEP

12288:TLTiNYJ3sgYIU/X4snQucgIQpqNg/xl53cPG82CCq8Zpj:LiOUAYITQpqKF0G82Nt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37b329b94c501e85f75395a765098dba_JaffaCakes118

Files

37b329b94c501e85f75395a765098dba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

60891622198040b2ee50fdf5d9d8e973

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\eysaaelt\pojeiygr\bmeseay

Imports

user32

RegisterWindowMessageW
GetForegroundWindow
GetScrollRange
ChangeDisplaySettingsExW
GetMenuContextHelpId
WaitForInputIdle
EditWndProc
ClipCursor
IsWindowEnabled
ShowOwnedPopups
RedrawWindow
DdeQueryNextServer
CopyIcon
DdeQueryStringA
SetDlgItemInt
OpenIcon
UnionRect
GetDlgItemTextW
IsCharUpperA
ChangeDisplaySettingsW
RegisterClassExA
ChangeDisplaySettingsA
GetWindowTextLengthA
DlgDirSelectExA
SendIMEMessageExW
RegisterClassA

comctl32

InitCommonControlsEx

kernel32

IsBadWritePtr
HeapFree
GetCurrentThread
EnterCriticalSection
GetProcAddress
GetEnvironmentStrings
FreeEnvironmentStringsA
ExitProcess
OpenMutexA
TerminateProcess
GetCPInfo
GetStringTypeW
GetLocalTime
TlsSetValue
RtlZeroMemory
GetProfileSectionW
WriteFile
MultiByteToWideChar
LCMapStringA
GetStartupInfoW
WideCharToMultiByte
SetUnhandledExceptionFilter
GetSystemTime
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
LCMapStringW
GetStartupInfoA
FlushFileBuffers
GetLastError
GetComputerNameA
GetTimeZoneInformation
VirtualFree
GetVersion
GetCurrentProcessId
LeaveCriticalSection
HeapAlloc
CompareStringA
SetStdHandle
SetEnvironmentVariableA
HeapDestroy
GetCurrentProcess
GetCommandLineW
EnumCalendarInfoW
HeapCreate
InitializeCriticalSection
GetModuleFileNameA
LoadLibraryA
SetHandleCount
GetCommandLineA
ReadFile
GetStringTypeA
TlsGetValue
GetFileType
GetFileAttributesExA
TlsFree
SetLastError
HeapReAlloc
SetFilePointer
DeleteFileA
FreeEnvironmentStringsW
GetModuleHandleA
VirtualAlloc
RtlFillMemory
GetEnvironmentStringsW
GetCurrentThreadId
CloseHandle
VirtualQuery
GetSystemTimeAsFileTime
TlsAlloc
GetUserDefaultLangID
QueryPerformanceCounter
GetTickCount
DeleteCriticalSection
CompareStringW
CreateMutexA
RtlUnwind
GetStdHandle
InterlockedExchange
UnhandledExceptionFilter

Sections

.text
Size: 325KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60891622198040b2ee50fdf5d9d8e973

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

Sections

.text Size: 325KB - Virtual size: 324KB

.rdata Size: 29KB - Virtual size: 45KB

.data Size: 104KB - Virtual size: 104KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 325KB - Virtual size: 324KB

.rdata
Size: 29KB - Virtual size: 45KB

.data
Size: 104KB - Virtual size: 104KB

.rsrc
Size: 12KB - Virtual size: 12KB