37a557cde50990a88e86a529652b0f37_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37a557cde50990a88e86a529652b0f37_JaffaCakes118
Size

1.2MB
MD5

37a557cde50990a88e86a529652b0f37
SHA1

ce2baa65c74d67629f9e710a955d81cd045840f8
SHA256

b3e3422adfd71e611b3d4d95ad3142b648291508e26cdfd766cdc8a9d50bfd51
SHA512

d70f943f379a64d4679bd95c5d807febb2fd57bcc498826532c03730c012e7506fd469cd5aef8121d9f4f7ddb55ec7c8da1564f185282e553e00ceba1d8662f3
SSDEEP

24576:HIbVEOFQ8MNUQhsBwsRXnm3+5QlYOba3tPz:obOO9MNUwswOZn3J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37a557cde50990a88e86a529652b0f37_JaffaCakes118

Files

37a557cde50990a88e86a529652b0f37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

352d3818789e759a01996d066ffd9d21

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
VirtualFree
HeapCreate
IsValidCodePage
GetEnvironmentStrings
GetModuleHandleW
GetACP
CloseHandle
FindFirstFileA
ReadFile
TlsFree
MapViewOfFile
CompareStringA
RaiseException
GetCurrentThread
HeapSize
GetCPInfo
lstrlenW
LockResource
SizeofResource
CreateProcessW
RemoveDirectoryA
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
UnmapViewOfFile
LCMapStringW
LeaveCriticalSection
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
GlobalLock
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
CreateFileMappingA
ResetEvent
lstrcpyA
FindNextFileW
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileW
GetWindowsDirectoryA
DeleteFileA
GetFileSize
GetStartupInfoA
FreeLibrary
LoadLibraryA
FlushFileBuffers
TlsAlloc
QueryPerformanceCounter
GetOEMCP
GetFullPathNameA
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
SetEndOfFile
GetConsoleMode
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
CreateMutexA
MultiByteToWideChar
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
InterlockedExchange
GetVersionExA
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
InterlockedDecrement
SetLastError
FormatMessageA
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
GetExitCodeProcess
LocalFree
SetEvent
SetFileAttributesA
HeapReAlloc
GetSystemTimeAsFileTime
GetTimeZoneInformation
WriteFile
GetStringTypeA
WideCharToMultiByte
SetStdHandle
LoadLibraryExW
LocalAlloc
GetLocaleInfoA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetLocalTime
GetCommandLineW
GetFileAttributesW
HeapDestroy
FindFirstFileW
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
VirtualAlloc
ExitProcess
GetCurrentProcessId
GetTickCount
GetLastError
GetCommandLineA
GetVersion
GetCurrentThreadId
SetHandleCount
GetModuleHandleA

user32

BeginPaint
SetFocus
EndPaint
FillRect
CreateWindowExA
GetSubMenu
RegisterClassA
EnableMenuItem
LoadStringA
GetWindow
IsWindowEnabled
TranslateMessage
DefWindowProcA
PeekMessageA
EnableWindow
ShowWindow
UpdateWindow
GetParent
DestroyWindow
SendMessageA
GetCursorPos
GetDC
DispatchMessageA
LoadBitmapA
PostQuitMessage
GetWindowRect
IsIconic
SetWindowTextA
CheckMenuItem
ScreenToClient
GetDlgItem
LoadCursorA
GetDesktopWindow
SetWindowPos
SetCursor
GetFocus
MessageBoxA
GetSysColor
SystemParametersInfoA
IsWindowVisible
InvalidateRect
wsprintfA
GetClientRect
CallWindowProcA
EndDialog

oleaut32

VariantInit
SysFreeString
SysAllocStringLen
VariantClear
SysAllocString

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

gdi32

SetBkColor
SetBkMode
SelectObject

advapi32

RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExW
RegQueryValueExW

msvcrt

_exit
exit
_controlfp

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/DIALOG/102
.rsrc/DIALOG/105
.rsrc/DIALOG/106
.rsrc/DIALOG/111
.rsrc/GROUP_ICON/103
.rsrc/ICON/1.ico
.rsrc/ICON/2.ico
.rsrc/ICON/3.ico
.rsrc/ICON/4
.rsrc/MANIFEST/1
.xml
.text
[0]
[1]
[2]

Sharing

General

Malware Config

Signatures

Files

352d3818789e759a01996d066ffd9d21

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

version

gdi32

advapi32

msvcrt

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 23KB - Virtual size: 23KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 18KB - Virtual size: 18KB