45fb7ffc6d88849f3b64af5ecc001947_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45fb7ffc6d88849f3b64af5ecc001947_JaffaCakes118
Size

86KB
MD5

45fb7ffc6d88849f3b64af5ecc001947
SHA1

1bf959c9cf8b265587b4d04acadde3b27b327728
SHA256

473197de49ad7e3822e9078e066aeb3b81a66f677b2554f7d6cfd478333709b4
SHA512

d0a612706e8a562340a14c6fcd359cc04a2b3b1828d70b65846799af34f972e33e257688a152da4a41fd0b632d28f107fa7cbb3a66516ae6eb2e78ee546f2434
SSDEEP

1536:usTyngUrfIvLKd/6DILAgrfbubDSh5OLT464nf9vQuctc2K5a7RMGYnGc1S6a+:usTyngUrUQ6D2AOfabvX4f9vo/9hc1ZX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/brew-sgw2.exe

Files

45fb7ffc6d88849f3b64af5ecc001947_JaffaCakes118
.zip
0_Day_Trainer_Savegames.de.url
BReWErS.nfo
brew-sgw2.exe
.exe windows:4 windows x86 arch:x86

6f612ff9df75a349bf75e1e790da9199

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
ExitProcess
GetWindowsDirectoryA
lstrcatA
CreateDirectoryA
DeleteFileA
RemoveDirectoryA
FindResourceA
LoadResource
LockResource
SizeofResource
CreateFileA
WriteFile
CloseHandle
OpenProcess
VirtualAllocEx
WriteProcessMemory
LoadLibraryA
GetProcAddress
CreateRemoteThread
WaitForSingleObject
CreateThread
SetThreadPriority
HeapAlloc
HeapCreate
HeapDestroy
Sleep
ReadFile
SetFilePointer

user32

DialogBoxParamA
SetTimer
LoadBitmapA
SendDlgItemMessageA
FindWindowA
EndDialog
GetWindowThreadProcessId
GetDlgItem
SendMessageA
RegisterHotKey
ReleaseCapture

gdi32

CreateFontA
SetBkMode
SetTextColor
SetBkColor
CreateSolidBrush
GetStockObject

winmm

waveOutClose
waveOutGetPosition
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite

Sections

code
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

data
Size: 9KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 436KB - Virtual size: 436KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
code5.nfo
virusscan.txt

Sharing

General

Malware Config

Signatures

Files

6f612ff9df75a349bf75e1e790da9199

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

Sections

code Size: 8KB - Virtual size: 7KB

data Size: 9KB - Virtual size: 81KB

.rsrc Size: 436KB - Virtual size: 436KB

.idata Size: 2KB - Virtual size: 1KB

code
Size: 8KB - Virtual size: 7KB

data
Size: 9KB - Virtual size: 81KB

.rsrc
Size: 436KB - Virtual size: 436KB

.idata
Size: 2KB - Virtual size: 1KB