610d7bb9f9725d5b736843123d27f1bc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

610d7bb9f9725d5b736843123d27f1bc_JaffaCakes118
Size

167KB
MD5

610d7bb9f9725d5b736843123d27f1bc
SHA1

3706cb0a13c1e4ebe1ebc05aee0a1d23049abcca
SHA256

1d79c23865675ea988e8da616d87729fc029e3da8655a452ec8603c2645ed29c
SHA512

a4c5e017007f2a3bb905ac9aad6e87e54ae8582e3b1e8f2fa7ebc121faece5f13385b655b0acb545bb002855d5f65a0864b30154fa3a1381fe5eaf324d65ea20
SSDEEP

3072:2dEnuxOmCghim2GDJwNAz0zKju491jZqMNJs:2dDfh80JYAhvJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
610d7bb9f9725d5b736843123d27f1bc_JaffaCakes118

Files

610d7bb9f9725d5b736843123d27f1bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7153979275a546957fb3ca03b4491c9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
lstrcpyW
lstrcmpW
WritePrivateProfileStringW
WinExec
WideCharToMultiByte
TerminateProcess
SearchPathW
OpenProcess
LoadLibraryW
GetWindowsDirectoryW
GetSystemDirectoryW
GetProcAddress
GetPrivateProfileStringW
CreateThread
GlobalUnlock
GlobalLock
GlobalAlloc
GetTickCount
IsBadReadPtr
GlobalAddAtomA
GlobalAddAtomW
GetModuleHandleA
GlobalFree
GlobalGetAtomNameA
GlobalDeleteAtom
GlobalGetAtomNameW
FreeConsole
GetEnvironmentVariableA
VirtualProtect
VirtualAlloc
GetLastError
LoadLibraryA
SetLastError
SetThreadPriority
GetCurrentThread
CreateProcessA
GetCommandLineA
GetStartupInfoA
SetEnvironmentVariableA
ReleaseMutex
WaitForSingleObject
CreateMutexA
OpenMutexA
GetCurrentThreadId
ReadFile
GetFileSize
CreateFileA
FindClose
FindFirstFileA
FindFirstFileW
VirtualQueryEx
GetExitCodeProcess
ReadProcessMemory
UnmapViewOfFile
ContinueDebugEvent
SetThreadContext
GetThreadContext
WaitForDebugEvent
CloseHandle
DebugActiveProcess
ResumeThread
CreateProcessW
GetCommandLineW
GetStartupInfoW
MapViewOfFile
DuplicateHandle
GetCurrentProcess
CreateFileMappingA
VirtualProtectEx
WriteProcessMemory
ExitProcess
GetLocalTime
CompareStringA
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
CompareStringW
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetFilePointer
HeapReAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapFree
HeapAlloc
GetVersion
GetSystemTime
GetTimeZoneInformation
RtlUnwind
Sleep
EnterCriticalSection
LeaveCriticalSection
GetVersionExA
InitializeCriticalSection
GetCurrentProcessId
GetModuleFileNameW
GetShortPathNameW
GetModuleFileNameA
SuspendThread
GetShortPathNameA
SetErrorMode

user32

LoadIconA
GetDC
GetMessagePos
DestroyWindow
DrawMenuBar
AnyPopup
GetWindowTextLengthW
IsWindow
GetKBCodePage
DestroyIcon
IsCharAlphaA
GetKeyboardLayout
GetDlgCtrlID
GetWindowContextHelpId
GetWindowDC
GetWindowTextLengthA
DestroyCursor
GetAsyncKeyState
GetFocus

gdi32

GetStockObject
GetTextAlign
UnrealizeObject
GetLayout
AbortPath
GetObjectType
BeginPath
CloseEnhMetaFile
CreatePatternBrush
GetStretchBltMode
FlattenPath
CreateHalftonePalette
AddFontResourceW

advapi32

RegOpenKeyA
RegQueryValueExA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7153979275a546957fb3ca03b4491c9b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 109KB - Virtual size: 109KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 109KB - Virtual size: 109KB

.rsrc
Size: 32KB - Virtual size: 32KB