c:\rteeujqsr\ziy\hovt.pdb
Static task
static1
Behavioral task
behavioral1
Sample
37ae19610d614ea3b2b797c5fdb7ee2b_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
37ae19610d614ea3b2b797c5fdb7ee2b_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
37ae19610d614ea3b2b797c5fdb7ee2b_JaffaCakes118
Size
511KB
MD5
37ae19610d614ea3b2b797c5fdb7ee2b
SHA1
6c3673f5cb6f850a57c993f0e848416f079bfedf
SHA256
c802e950312f8e41da66902587c77c0ff73b470005d2c248f877f8aed28e3d8f
SHA512
8da3c055d9a3af23c02c1f18ebc578fc84cee034c8dfb0f8c33a74a8e83db388651a66bb55920c644c37adfb5525ff64aecbd56f687a9374f539fd08d3e3edf6
SSDEEP
12288:tLpmtBzVRxWUYfMleaSauvV5WAd85Q41ginQx43p:VpmtBPtebaK4CinQx43
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 37ae19610d614ea3b2b797c5fdb7ee2b_JaffaCakes118
Files
37ae19610d614ea3b2b797c5fdb7ee2b_JaffaCakes118.exe windows:4 windows x86 arch:x86
f2e8be6e1545909cdd7067e5289ae31e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
comctl32
InitCommonControlsEx
user32
GetUserObjectSecurity
GetMessageA
ChangeMenuW
GetWindowRect
SendDlgItemMessageW
MapDialogRect
FlashWindowEx
GetMenuStringA
CreateDialogParamA
RegisterClassExA
SendNotifyMessageW
EnumDesktopsW
LoadAcceleratorsW
InvalidateRect
WaitMessage
ChangeDisplaySettingsExA
ToAscii
ValidateRgn
PeekMessageA
RegisterClassA
SetWindowTextA
SetClassLongW
GetWindowModuleFileNameW
kernel32
GetConsoleMode
TerminateProcess
GetConsoleOutputCP
IsValidCodePage
GetStringTypeW
IsDebuggerPresent
GetCurrentThread
InterlockedDecrement
GetEnvironmentStringsW
IsValidLocale
SetUnhandledExceptionFilter
SetEnvironmentVariableA
InterlockedExchange
TlsAlloc
CompareStringW
MultiByteToWideChar
TlsGetValue
DeleteCriticalSection
EnumSystemLocalesA
SetLastError
GetCommandLineA
LoadLibraryA
GetTimeZoneInformation
SetConsoleCtrlHandler
GetModuleHandleW
GetLastError
GetCurrentProcessId
TlsSetValue
GetModuleHandleA
GetUserDefaultLCID
GetLocaleInfoW
ReadFile
lstrlenW
GetCPInfo
GetConsoleCP
HeapCreate
GetModuleFileNameA
GetStartupInfoW
SetFilePointer
GetSystemInfo
HeapReAlloc
InterlockedIncrement
SetStdHandle
GetTimeFormatA
CompareStringA
GetSystemTimeAsFileTime
WideCharToMultiByte
VirtualFree
Sleep
FlushFileBuffers
LeaveCriticalSection
GetModuleFileNameW
FreeLibrary
GetProcAddress
FindResourceExW
GetCurrentProcess
OpenMutexA
FreeEnvironmentStringsW
GetOEMCP
TlsFree
VirtualQuery
GetCommandLineW
VirtualAlloc
CreateFileA
HeapFree
SetHandleCount
HeapDestroy
CreateMutexA
GetStdHandle
GetLocaleInfoA
LCMapStringA
lstrcatW
GetTickCount
WriteConsoleW
HeapAlloc
ExitProcess
LCMapStringW
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
HeapSize
GetStringTypeA
GetACP
GetCurrentThreadId
CloseHandle
WriteFile
GetFileType
EnterCriticalSection
UnhandledExceptionFilter
RtlUnwind
GetDateFormatA
GetStartupInfoA
WriteConsoleA
comdlg32
GetOpenFileNameW
PrintDlgW
Sections
.text Size: 350KB - Virtual size: 350KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 39KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 105KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ