611834b9e93e0ec27226f7fc953b5348_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

611834b9e93e0ec27226f7fc953b5348_JaffaCakes118
Size

207KB
MD5

611834b9e93e0ec27226f7fc953b5348
SHA1

1efd3cfa35de55859f7194e6695b901d460bea7f
SHA256

cf3b74afaec89dd4f65e03ddffdef32939125bca4862a9d0d6ca498a1634ba8b
SHA512

0380318fa59144d8be2e17b90daa67a2341c6bbf4c5603b19d860b3794b10de8f6f16615a1b343e3a4904c679337c3bef07bc3a6e28c07b0ff4597650ccded57
SSDEEP

6144:G7AJgp778fW/X+x5BOLP9lhn82wRIOynvkYK6LQG:GMJgxAW/O/+Hzuc3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
611834b9e93e0ec27226f7fc953b5348_JaffaCakes118

Files

611834b9e93e0ec27226f7fc953b5348_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8023108d430b3dc779f4536d930a6f82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
GetCalendarInfoA
IsBadWritePtr
GetShortPathNameW
CreateFileMappingW
SetCalendarInfoW
TlsAlloc
EnumDateFormatsW
OpenSemaphoreW
CreateNamedPipeW
BeginUpdateResourceW
GetSystemDirectoryA
GetTempFileNameA
GetDateFormatW
CreateFileA
GetProcessHeap
MoveFileA
GetLongPathNameA
CreateSemaphoreW
SuspendThread
GetFileSize
GetModuleFileNameW
OpenSemaphoreA
AddAtomA
IsBadStringPtrA
GetProcAddress
DosDateTimeToFileTime
CreateSemaphoreA
CopyFileA
GetWindowsDirectoryW
GetSystemDefaultLangID
CreateMutexA
OpenProcess
WinExec
CreateMailslotA
GetCommandLineW
lstrcpynA
AddAtomW
GetModuleHandleA
lstrcpyn
EndUpdateResourceA
lstrcpyA

user32

GetMenuItemCount
SetWindowTextW
ShowWindow
MessageBeep
ClientToScreen
DefFrameProcA
GetWindowLongW
DestroyWindow
CloseWindow
WinHelpW
CharPrevW
GetDC
FlashWindow
CharUpperA
CharLowerW
GetActiveWindow
AdjustWindowRect
GetDlgItemTextW
WaitForInputIdle
InsertMenuW
CreateCaret
CheckRadioButton
CreateWindowExW
FindWindowW
CreateMenu
DialogBoxParamA
FrameRect
GetMenuItemRect
CheckMenuRadioItem
GetWindowLongA
RegisterClassExW

gdi32

CreatePatternBrush
GetBrushOrgEx
GetTextFaceA
GetTextAlign
SetSystemPaletteUse
CreateFontIndirectA
GetICMProfileW
PolyBezierTo
GetCharWidthI
CreateSolidBrush
CreateBitmap
GetPaletteEntries
EnumFontFamiliesExW
BitBlt
OffsetWindowOrgEx
GetViewportOrgEx
ExtSelectClipRgn

advapi32

RegReplaceKeyW
RegEnumValueW
RegDeleteValueW
RegOpenKeyA
RegCreateKeyW
RegFlushKey

shlwapi

PathAddBackslashW

wininet

RunOnceUrlCache
InternetSetCookieA
FtpDeleteFileA
GetUrlCacheConfigInfoA

sqlunirl

_CreateScalableFontResource_@16
_NDdeTrustedShareEnum_@24
_ObjectDeleteAuditAlarm_@12
_ShellAbout_@16

crypt32

CertCreateSelfSignCertificate
CryptMsgVerifyCountersignatureEncoded
CertFreeCertificateChain
CertDuplicateCRLContext
CertVerifyCTLUsage
I_CertSyncStore
CryptVerifyMessageSignatureWithKey
CertRegisterSystemStore
CryptCreateAsyncHandle
CryptMsgVerifyCountersignatureEncodedEx

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.XAxB
Size: 2KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdx
Size: 3KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.SQL
Size: 512B - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pK
Size: 1KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.GfCucO
Size: 1KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lW
Size: 2KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tfpX
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BGK
Size: 2KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8023108d430b3dc779f4536d930a6f82

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

wininet

sqlunirl

crypt32

Sections

.text Size: 12KB - Virtual size: 12KB

.XAxB Size: 2KB - Virtual size: 32KB

.sdx Size: 3KB - Virtual size: 31KB

.SQL Size: 512B - Virtual size: 13KB

.pK Size: 1KB - Virtual size: 17KB

.GfCucO Size: 1KB - Virtual size: 20KB

.data Size: 12KB - Virtual size: 11KB

.lW Size: 2KB - Virtual size: 21KB

.tfpX Size: 2KB - Virtual size: 12KB

.BGK Size: 2KB - Virtual size: 200KB

.rsrc Size: 165KB - Virtual size: 164KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.XAxB
Size: 2KB - Virtual size: 32KB

.sdx
Size: 3KB - Virtual size: 31KB

.SQL
Size: 512B - Virtual size: 13KB

.pK
Size: 1KB - Virtual size: 17KB

.GfCucO
Size: 1KB - Virtual size: 20KB

.data
Size: 12KB - Virtual size: 11KB

.lW
Size: 2KB - Virtual size: 21KB

.tfpX
Size: 2KB - Virtual size: 12KB

.BGK
Size: 2KB - Virtual size: 200KB

.rsrc
Size: 165KB - Virtual size: 164KB

.reloc
Size: 1KB - Virtual size: 1KB