38453870098575627267449bc4b3e556_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38453870098575627267449bc4b3e556_JaffaCakes118
Size

246KB
MD5

38453870098575627267449bc4b3e556
SHA1

703bc5ef48968bfb813c82ce06925d89f81f9da6
SHA256

8ebe488a90e042346998bd0f0cfbd46eb1fbe63c79f419d3b4973abc1e56f119
SHA512

97b7c410ffbeb3fc5f880d2ef953f0b62bbfd6f55107eb7a3a55d78c57d6e8b4c4e46240e627ecaf65acf24c776aea5f25b08b44ac10e0b203b022a8f422045f
SSDEEP

6144:WhWEBsKMrZm8gLbB4hn7m5cILPkimNBStkdQTTI50Lt:WhcJgJ4h7URPkimUuSTI5Qt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38453870098575627267449bc4b3e556_JaffaCakes118

Files

38453870098575627267449bc4b3e556_JaffaCakes118
.exe windows:4 windows x86 arch:x86

52c0b61fb3f4e06cdc1727ad42895d59

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
IsBadStringPtrA
CreatePipe
OpenFile
OpenSemaphoreW
EnumDateFormatsW
EnumTimeFormatsA
lstrcatW
GetACP
SetUnhandledExceptionFilter
GetTempFileNameW
ExitProcess
GetEnvironmentStringsA
lstrcpyW
RemoveDirectoryW
Beep
GetSystemInfo
SetCurrentDirectoryA
GetCalendarInfoA
lstrcmpiW
GetFullPathNameA
CompareFileTime
lstrcat
SetCalendarInfoA
GetCommandLineA
SystemTimeToFileTime
GetStringTypeA
IsDebuggerPresent
GetTimeFormatA
GetTimeFormatW
lstrcatA
AddAtomA
LoadLibraryExA
lstrcmp
MultiByteToWideChar
GetSystemDirectoryA
lstrcpy
CreateEventA
CreateMailslotA
GetVolumeInformationA
lstrcmpA
WaitForMultipleObjects
DuplicateHandle
lstrlenA
GetProcessHeaps
MulDiv
GetLogicalDriveStringsW
lstrlenW
SetLocaleInfoA
FatalAppExitA
CopyFileExW
GetCurrentDirectoryW
GlobalAlloc
CreateMutexW
lstrcmpW
FileTimeToSystemTime
GetLongPathNameA
FindAtomW
InitializeCriticalSection
GetDiskFreeSpaceW
FindResourceA
GetCurrentDirectoryA
GetExpandedNameA
FreeLibrary
GetNumberFormatA
GetDiskFreeSpaceA
GetProcAddress

user32

RegisterWindowMessageA
LoadMenuA
WinHelpW
GetMenuItemInfoA
SetTimer
OffsetRect
GetFocus
GetAsyncKeyState
WaitMessage
CharNextW
SetCursor
DestroyIcon
SetCursorPos
GetForegroundWindow
GetClassInfoA
RemoveMenu
CreateDialogParamW
MessageBoxIndirectW
DefWindowProcA
EmptyClipboard
wvsprintfW
DestroyMenu
ShowWindow
wsprintfW
GetDCEx
LoadImageW
CharUpperA
LoadIconW
MessageBoxIndirectA
IsWindow
CharUpperW
CharPrevA
wvsprintfA
EnumWindows
GetMessageW
FindWindowA
WaitForInputIdle
GetMenuItemInfoW
MonitorFromRect

gdi32

UpdateICMRegKeyA
RemoveFontResourceExW
CreatePatternBrush
CreateFontIndirectExW
AddFontResourceA
SelectBrushLocal
UpdateICMRegKeyW
GetEnhMetaFilePixelFormat
GetMetaFileW
StretchDIBits
CreatePolygonRgn
CreatePen
GetTextExtentPointW
SetEnhMetaFileBits
GetEnhMetaFileA
GetStockObject
DeleteObject
AddFontResourceW
CreateICA
CreateColorSpaceA
CreateEllipticRgn
ExtCreateRegion

shell32

ExtractAssociatedIconA
ExtractIconA
StrRStrIA
SHGetFolderLocation
StrRChrIW
ShellExecuteEx
StrNCmpIA
SHGetDiskFreeSpaceExW
Shell_NotifyIcon

comctl32

ImageList_GetImageRect
FlatSB_SetScrollInfo
ImageList_Replace
ImageList_DragEnter
ImageList_GetIcon
ImageList_AddIcon

ws2_32

socket

sqlunirl

_SetWindowLong@12
_CommConfigDialog_@12
_GetICMProfile_@12
_EnumDisplaySettings_@12
_PropertySheet_@4
_BuildCommDCBAndTimeouts_@12
_GetTextExtentPoint@16
wsprintf_
_GetUnicodeRedirectionLayer@0

crypt32

CertOpenSystemStoreW
CertDuplicateCertificateContext
CryptSIPAddProvider
I_CryptUninstallOssGlobal
I_CryptGetAsn1Encoder
CertGetCRLFromStore

Sections

.YsdzdB
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YIdRuS
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ZI
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.iPQvk
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ZBn
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TDr
Size: 11KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uEZ
Size: 5KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52c0b61fb3f4e06cdc1727ad42895d59

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

ws2_32

sqlunirl

crypt32

Sections

.YsdzdB Size: 5KB - Virtual size: 5KB

.YIdRuS Size: 89KB - Virtual size: 89KB

.ZI Size: 12KB - Virtual size: 12KB

.iPQvk Size: 4KB - Virtual size: 40KB

.ZBn Size: 92KB - Virtual size: 91KB

.TDr Size: 11KB - Virtual size: 343KB

.uEZ Size: 5KB - Virtual size: 358KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 1024B - Virtual size: 1024B

.YsdzdB
Size: 5KB - Virtual size: 5KB

.YIdRuS
Size: 89KB - Virtual size: 89KB

.ZI
Size: 12KB - Virtual size: 12KB

.iPQvk
Size: 4KB - Virtual size: 40KB

.ZBn
Size: 92KB - Virtual size: 91KB

.TDr
Size: 11KB - Virtual size: 343KB

.uEZ
Size: 5KB - Virtual size: 358KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 1024B - Virtual size: 1024B