37b782cd03bf4e770edf10ea5d369dcb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37b782cd03bf4e770edf10ea5d369dcb_JaffaCakes118
Size

473KB
MD5

37b782cd03bf4e770edf10ea5d369dcb
SHA1

f1c47f09bca5496299099e98ee4dc2f6acafa22e
SHA256

b6e7a105c8b2c60871e8a3af38c3bb8e7c2e64b3841e78e259e68d88ace2a319
SHA512

3ccdf235c760c81154aacd646612c96a1425adcd55590cfc98cd69d7f31709c23ef2a4d4ed4cf9949c914d2234b1746c9065f2b50f17de23ba54fcfda766f9eb
SSDEEP

12288:JSJDjEngVWdRHuCUy+8UpRvXUW2ljlJOoSVyt:JSJDTIdRHu9vzvIpS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37b782cd03bf4e770edf10ea5d369dcb_JaffaCakes118

Files

37b782cd03bf4e770edf10ea5d369dcb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78e0e43bd60d7f5069d5294160cc00f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
GetTimeZoneInformation
LCMapStringW
MultiByteToWideChar
GetUserDefaultLCID
TlsGetValue
DebugBreak
ExitProcess
SetFilePointer
GetVersionExA
VirtualAlloc
GetStringTypeW
GetEnvironmentStringsW
GetStartupInfoA
SetCurrentDirectoryA
VirtualQuery
GetCurrentProcess
RtlUnwind
OutputDebugStringA
TerminateProcess
CompareStringW
LeaveCriticalSection
LCMapStringA
LocalFlags
OpenSemaphoreA
GetSystemTimeAsFileTime
HeapFree
IsBadWritePtr
VirtualFree
QueryPerformanceCounter
GetLastError
VirtualUnlock
LoadLibraryA
MoveFileA
WriteProfileSectionA
WideCharToMultiByte
GetCurrentProcessId
EnumSystemLocalesA
TryEnterCriticalSection
SetEnvironmentVariableA
IsValidLocale
GetDateFormatA
CloseHandle
GetProcAddress
HeapReAlloc
SetStdHandle
FreeEnvironmentStringsW
FindResourceW
GetModuleHandleA
GetCPInfo
DeleteCriticalSection
GetFileType
ResetEvent
GetSystemInfo
GetCurrentThreadId
GetLogicalDriveStringsW
SetSystemTime
InitializeCriticalSection
GlobalLock
GetCommandLineA
FillConsoleOutputAttribute
GetLocaleInfoA
GetModuleFileNameA
HeapValidate
ReadConsoleInputA
WriteFile
FlushFileBuffers
GetStdHandle
HeapDestroy
CompareStringA
GetTimeFormatA
GetEnvironmentStrings
GetTickCount
HeapAlloc
GetCurrentThread
InterlockedExchange
TlsAlloc
SetConsoleCtrlHandler
InterlockedDecrement
FindClose
SetHandleCount
GetLocaleInfoW
EnumCalendarInfoA
GetStringTypeA
GetACP
IsBadReadPtr
SetLastError
GetDriveTypeW
GetOEMCP
GetLocalTime
HeapCreate
IsValidCodePage
UnhandledExceptionFilter
EnterCriticalSection
VirtualProtect
TlsFree
lstrcpy
CreateMailslotA
InterlockedIncrement
FreeEnvironmentStringsA

wininet

InternetQueryFortezzaStatus

gdi32

EnumICMProfilesW
AbortDoc

shell32

ExtractIconExA
SHGetFileInfoA

user32

SetUserObjectSecurity
PeekMessageW
SetParent
AttachThreadInput
EnumPropsA
IsMenu
RealChildWindowFromPoint
EndDialog
DefFrameProcW
GetMenuItemInfoA
EnumDisplaySettingsExA

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78e0e43bd60d7f5069d5294160cc00f9

Headers

File Characteristics

Imports

kernel32

wininet

gdi32

shell32

user32

Sections

.text Size: 166KB - Virtual size: 166KB

.rdata Size: 11KB - Virtual size: 17KB

.data Size: 288KB - Virtual size: 288KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 166KB - Virtual size: 166KB

.rdata
Size: 11KB - Virtual size: 17KB

.data
Size: 288KB - Virtual size: 288KB

.rsrc
Size: 6KB - Virtual size: 5KB