37ff701d80d21429da3477350c19cb8f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37ff701d80d21429da3477350c19cb8f_JaffaCakes118
Size

596KB
MD5

37ff701d80d21429da3477350c19cb8f
SHA1

fee259e4014c776ca3aaad691b4067a63a251b7f
SHA256

ea117629406411be9eefaf1381bd284b518257785356b72bb287d6124e9d8f83
SHA512

563fb7658f5790bed67acfdcbae55918df229669bfc05701af0375e033e850ddcf5f7405486f15fa6aff5281b935ca1cbe01756419da43a8c76b56c852438c9b
SSDEEP

12288:CZQ+lR65/BkJ1bHh4CtwbURzVm1VH315Lo4xW:CZQ+GXE7hhAYzsHlRvW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37ff701d80d21429da3477350c19cb8f_JaffaCakes118

Files

37ff701d80d21429da3477350c19cb8f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c66dff3f8ff8e117d9868fdabecf0ebb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\o

Imports

advapi32

RegDeleteKeyA
LookupSecurityDescriptorPartsA
RegQueryMultipleValuesW
DuplicateToken
CryptDestroyKey
RegQueryValueExW
LookupPrivilegeValueA
RegCreateKeyW
AbortSystemShutdownW
RegCloseKey
StartServiceW
CryptSetProviderExA
CryptSignHashW
CryptGetDefaultProviderW
LookupPrivilegeNameA
CryptGenKey
CryptContextAddRef
CryptEncrypt
RegEnumKeyW
RegLoadKeyW
CryptGetUserKey
CryptGetDefaultProviderA
CryptSetProviderW
CryptSignHashA

comctl32

InitCommonControlsEx
ImageList_Read

comdlg32

ChooseFontA
GetSaveFileNameA

kernel32

GetTickCount
GetLocaleInfoA
FreeEnvironmentStringsA
GetStdHandle
FillConsoleOutputCharacterA
GetEnvironmentStrings
LoadLibraryA
VirtualQuery
GetCurrentProcess
GetStringTypeA
CloseHandle
CreateMutexA
FreeEnvironmentStringsW
GetCurrentProcessId
IsBadWritePtr
GetFileType
GetEnvironmentStringsW
SetFilePointer
InitializeCriticalSection
CompareStringW
VirtualAlloc
GetCurrentThread
RtlUnwind
HeapDestroy
SetEnvironmentVariableA
VirtualFree
LCMapStringA
InterlockedExchange
WideCharToMultiByte
HeapReAlloc
GetCommandLineA
SetHandleCount
GetSystemInfo
GetStringTypeW
GetACP
LoadResource
GetProcAddress
GetDateFormatA
HeapCreate
GetModuleHandleA
IsValidLocale
GetTimeZoneInformation
GetConsoleCursorInfo
GetLastError
GetUserDefaultLCID
DeleteCriticalSection
TlsSetValue
GetSystemTimeAsFileTime
UnhandledExceptionFilter
TransmitCommChar
LCMapStringW
GetLocaleInfoW
GetSystemDirectoryA
EnterCriticalSection
GetOEMCP
MultiByteToWideChar
TerminateProcess
VirtualProtect
GetTimeFormatA
EnumSystemLocalesA
TlsAlloc
WriteFile
IsValidCodePage
HeapFree
GetModuleFileNameA
GetVersionExA
OpenMutexA
QueryPerformanceCounter
GetStartupInfoA
LeaveCriticalSection
GetCurrentThreadId
FlushFileBuffers
GetCPInfo
CompareStringA
SetLastError
SetStdHandle
HeapSize
TlsFree
ReadFile
TlsGetValue
ExitProcess
HeapAlloc

shell32

SHGetNewLinkInfo
DoEnvironmentSubstW

user32

GetWindowTextA
IsDialogMessageW
DefWindowProcA
DdeDisconnectList
DestroyCaret
MessageBoxA
ShowWindow
DdeDisconnect
IsCharUpperA
CreateDialogParamW
GetMenuInfo
RegisterClassExA
DestroyWindow
BringWindowToTop
EnumPropsExW
GetDC
TranslateMessage
DrawTextExW
UnregisterDeviceNotification
GetClassLongA
GetUpdateRgn
LoadCursorW
BroadcastSystemMessageA
CreateWindowExA
LoadImageW
RegisterClassA
SendMessageTimeoutA
CreateDialogIndirectParamA
UpdateWindow

gdi32

LineDDA
GetBoundsRect
PolyBezierTo
GetBitmapBits
GdiGetBatchLimit
ResetDCW
CreateDCW
CreateScalableFontResourceW
CreateDIBPatternBrushPt
BitBlt
GetKerningPairsW
Arc
SetBitmapDimensionEx
GetDCOrgEx
GetRasterizerCaps
GetFontData
CreateScalableFontResourceA
GdiFlush
SetLayout
SetDIBColorTable
GetOutlineTextMetricsW
CopyEnhMetaFileW
RectInRegion

Sections

.text
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 206KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c66dff3f8ff8e117d9868fdabecf0ebb

Headers

File Characteristics

PDB Paths

Imports

advapi32

comctl32

comdlg32

kernel32

shell32

user32

gdi32

Sections

.text Size: 202KB - Virtual size: 201KB

.rdata Size: 206KB - Virtual size: 220KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 74KB - Virtual size: 74KB

.text
Size: 202KB - Virtual size: 201KB

.rdata
Size: 206KB - Virtual size: 220KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 74KB - Virtual size: 74KB