37aaea49f3fdf40dbcb8c6a52dd22159_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37aaea49f3fdf40dbcb8c6a52dd22159_JaffaCakes118
Size

148KB
MD5

37aaea49f3fdf40dbcb8c6a52dd22159
SHA1

6b095bd20b134aed8238f2d2cd59812fe824fd40
SHA256

48c8ae2bfd9a63a4ef378020897a8b42c82da35492675a245b0f50003bbd4f9d
SHA512

f75e20d5809ea9d59b470fe8e184aea739e4e81c5b75667bb76544c091cc524de5601b240c9522edd2acca023403de69f49aee8bc40997660ae4158d0949727d
SSDEEP

3072:kPlo71h5z3DgRJKwQeE7+R+vuA4vEg813VATDJ1oPGq:kNoT53DmKk1ALlgkqu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37aaea49f3fdf40dbcb8c6a52dd22159_JaffaCakes118

Files

37aaea49f3fdf40dbcb8c6a52dd22159_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3397b1ec1d21635eac3e0b37a056227b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
RemoveDirectoryA
lstrcmpiA
GetVersionExA
CreateDirectoryA
GetWindowsDirectoryA
SetFileAttributesA
GetFileAttributesA
GetLastError
CreateProcessA
GetModuleFileNameA
FindFirstFileA
LoadLibraryExA
FindNextFileA
FindClose
CompareFileTime
WriteFile
DeleteFileA
CreateFileA
ReadFile
CloseHandle
FindResourceA
LoadResource
LockResource
FreeResource
lstrcmpA
MultiByteToWideChar
lstrcatA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
SetEndOfFile
SetFilePointer
GetStdHandle
SetHandleCount
SetStdHandle
HeapSize
HeapReAlloc
GetCurrentProcess
TerminateProcess
HeapFree
HeapAlloc
GetSystemTime
GetTimeZoneInformation
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
RtlUnwind
GetFileType
GetLocalTime
SetEvent
ResetEvent
WaitForSingleObject
CreateEventA
GlobalLock
GlobalUnlock
SearchPathA
GetSystemDirectoryA
CompareStringA
SetLastError
OutputDebugStringA
InterlockedDecrement
InterlockedIncrement
FreeLibrary
LoadLibraryA
GetACP
GetOEMCP
FlushFileBuffers
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
GetModuleHandleA
IsBadReadPtr
IsBadCodePtr
lstrcpyA
LCMapStringA
LCMapStringW
lstrlenA
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
lstrcpynA
Sleep
GlobalAlloc
GlobalFree
GetProcAddress
GetCPInfo
SetEnvironmentVariableA
CompareStringW

user32

GetDlgCtrlID
DrawIcon
GetDlgItem
GetWindowTextLengthA
wvsprintfA
ShowWindow
RegisterClassExA
GetClassInfoExA
DefWindowProcA
DestroyWindow
DispatchMessageA
TranslateMessage
PeekMessageA
CreateWindowExA
wsprintfA
ReleaseDC
GetDC
SetRect
LoadStringA
SendMessageA
InvalidateRect
SetWindowLongA
GetWindowLongA
InflateRect
FillRect
SetWindowPos
GetSystemMetrics
SystemParametersInfoA
GetWindowRect
SetWindowTextA
GetWindowTextA
LoadIconA
GetActiveWindow
GetLastActivePopup
IsWindowEnabled
GetFocus
GetParent
IsWindow
MessageBeep
GetDesktopWindow
MessageBoxA
SetForegroundWindow
UnregisterClassA
RegisterClassA
FindWindowExA
EnumWindows
PostMessageA
FindWindowA
RegisterWindowMessageA
SetFocus
KillTimer
EnableWindow
SetTimer
OffsetRect
CallWindowProcA
GetCursorPos
ScreenToClient
BeginPaint
EndPaint
PtInRect
GetClientRect
CreateCursor
SetCursor
LoadCursorA
DestroyCursor
EndDialog
CreateDialogParamA
DialogBoxParamA
GetClassNameA
EnumChildWindows

gdi32

GetTextExtentPoint32A
CreatePalette
DeleteObject
CreateDIBitmap
RealizePalette
SelectPalette
GetObjectA
DeleteDC
BitBlt
SelectObject
GetDeviceCaps
CreateCompatibleDC
SetTextColor
SetBkColor
CreateBitmap
CreateCompatibleBitmap
Polyline
CreatePen
CreateSolidBrush
GetStockObject
CreateFontIndirectA
ExtTextOutA
SetBkMode

advapi32

RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegOpenKeyA
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA

shell32

ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc

ole32

CoCreateInstance
CoInitialize
CoUninitialize

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

wsock32

htons
WSAGetLastError
recv
send
closesocket
socket
inet_ntoa
bind
ioctlsocket
connect
select
__WSAFDIsSet
getsockopt
WSAAsyncGetHostByName
inet_addr
WSACancelAsyncRequest
WSACleanup
WSAStartup

comctl32

PropertySheetA

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3397b1ec1d21635eac3e0b37a056227b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

version

wsock32

comctl32

Sections

.text Size: 104KB - Virtual size: 101KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 16KB - Virtual size: 29KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 104KB - Virtual size: 101KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 16KB - Virtual size: 29KB

.rsrc
Size: 12KB - Virtual size: 8KB