37e41fe62cd277dd54982859bd5544f5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37e41fe62cd277dd54982859bd5544f5_JaffaCakes118
Size

364KB
MD5

37e41fe62cd277dd54982859bd5544f5
SHA1

6de59b3f6e71bfd73ab598282959bd6e724a0bc6
SHA256

f0bbeed0de2bec94f2c4d233ac7dfb558e202c3327e0d9c115c079a5fd3bb4ea
SHA512

c2ca2c1beba12363c8cfe5253b79cd03bc84b4a4235f907bc9eb1ad4a3674130c3f8d8f33bec1a075e50a29ee8d897dd58a0e8ed32309f4947f6fc7533833f10
SSDEEP

6144:UCnHiUJMasU5XGt8xQ/6dAf1Nw08GjO004S1oAqTh/piPUKChvsc69xW5T:flT4F6aNw0g+jThhitq0Bs5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37e41fe62cd277dd54982859bd5544f5_JaffaCakes118

Files

37e41fe62cd277dd54982859bd5544f5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dfb15c53201a8231d7daaddd68aecec8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SuspendThread
GetTickCount
GetVersion
GetModuleFileNameW
EraseTape
SetCurrentDirectoryA
GetPrivateProfileStringW
SetConsoleOutputCP
OutputDebugStringA
PurgeComm
LeaveCriticalSection
GlobalAddAtomW
SetEvent
FindFirstFileExW
WriteFile
GetFileInformationByHandle
LoadLibraryExA
SetCommMask
ExitProcess
SetThreadLocale
SetCommTimeouts
GetCommState
GetHandleInformation
EnumSystemCodePagesW
GetCPInfo
GetVolumeInformationW
OpenMutexA
DosDateTimeToFileTime
SetFileAttributesA
GetFullPathNameA
CreateDirectoryExA
SetNamedPipeHandleState
SetProcessShutdownParameters
GetStringTypeExW
EnumTimeFormatsW
FindResourceExA
CreateWaitableTimerA
GetCommConfig
LoadLibraryExW
_hread
FindNextChangeNotification
GlobalReAlloc
lstrcmpiA
ConnectNamedPipe
ReleaseMutex
UnmapViewOfFile
GetThreadContext
SetSystemTime
GetPrivateProfileSectionW
GlobalDeleteAtom
CloseHandle
OutputDebugStringW
GetPrivateProfileStringA
FindCloseChangeNotification
CreateMutexA
ReadFile
GetOverlappedResult
SetFileTime
EndUpdateResourceA
GenerateConsoleCtrlEvent
LocalAlloc
SetMailslotInfo
SetConsoleCursorPosition
GetConsoleCursorInfo
EnumResourceLanguagesW
CreateEventA
SetThreadPriorityBoost
ReadConsoleA
GetTapeStatus
Beep
FindFirstFileA
SetProcessWorkingSetSize
ClearCommBreak
IsValidLocale
IsBadWritePtr
SearchPathW
FileTimeToLocalFileTime
SetLastError
SetupComm
VirtualAlloc
GetConsoleMode
UnhandledExceptionFilter
SetConsoleWindowInfo
VirtualQueryEx
FindFirstFileW
WritePrivateProfileSectionW
FormatMessageW
GlobalUnlock
IsDBCSLeadByteEx
LoadResource
VirtualAllocEx
VirtualProtect
CreateProcessA
WriteConsoleOutputW
ExitThread
CompareStringW
AllocConsole
SizeofResource
SetEnvironmentVariableW
GetShortPathNameW
WritePrivateProfileStringA
GetCommandLineA
GetVersionExA
DeleteCriticalSection
lstrlenA

user32

ShowCursor
LoadCursorW
SetWindowPos
EnumThreadWindows
SetUserObjectSecurity
GetMenuItemRect
IsChild
MessageBoxIndirectW
CreateDialogIndirectParamA
GetClipboardViewer
EnumDesktopsA
CallWindowProcW
IsIconic
DrawMenuBar
SendMessageTimeoutW
GetKeyNameTextA
SetCaretPos
InflateRect
InvalidateRect
GetTitleBarInfo
MonitorFromRect
SubtractRect
GetMenuStringW
ChangeDisplaySettingsW
RegisterHotKey
IsDlgButtonChecked
DrawStateW
GetWindowContextHelpId
GetWindowRect
GetUserObjectInformationW
ModifyMenuW
DefWindowProcA
GetClipCursor
SetRectEmpty
LoadKeyboardLayoutW
CreateDialogParamA
MapVirtualKeyW
DrawTextExA
OpenClipboard
CreateDesktopA
GetWindowTextW
DrawFrameControl
DrawStateA
TrackMouseEvent
SetWindowRgn
CreateCursor
CreatePopupMenu
CloseWindow
DefFrameProcW
GetTabbedTextExtentA
ScreenToClient
GetDesktopWindow
TrackPopupMenu
SetWindowTextW

gdi32

Escape
BeginPath
CreateDIBPatternBrush
GetClipBox
FillPath

comdlg32

ReplaceTextW

advapi32

RegCreateKeyA
CryptAcquireContextA

shell32

ShellExecuteA
SHFileOperationW

ole32

CoReleaseMarshalData

comctl32

ImageList_DrawIndirect
ImageList_Merge
CreatePropertySheetPageW

shlwapi

PathRemoveBlanksW
PathFindNextComponentW
SHRegSetUSValueW
SHRegWriteUSValueW
PathGetArgsW
SHRegOpenUSKeyW
PathIsPrefixW
wnsprintfA
StrTrimA
SHAutoComplete
PathIsFileSpecW
StrCmpNW

Sections

.text
Size: 332KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dfb15c53201a8231d7daaddd68aecec8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

comctl32

shlwapi

Sections

.text Size: 332KB - Virtual size: 330KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 18KB

.text
Size: 332KB - Virtual size: 330KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 18KB