Static task: static1
Behavioral task: behavioral1
Sample: 637b0adb3a1a0fa8fb0083fc2f836011_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 637b0adb3a1a0fa8fb0083fc2f836011_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 637b0adb3a1a0fa8fb0083fc2f836011_JaffaCakes118
Size: 232KB
MD5: 637b0adb3a1a0fa8fb0083fc2f836011
SHA1: 6416722ae1c17cbecadbb0d5ab742ecfbbd45374
SHA256: f8461b4519942a306159c25d6e854b291c5ee83ffeb2a02e9dbb0cfb0be04852
SHA512: 29f65875dd7fe7fbf3d4ccbf30630e25269d4967768f12936354d97ea56fc6c2c90f6fe4d1c1220bb91a0ed8d0339bab9830e02fa3b9eac89b890bb7c49a1de9
SSDEEP: 3072:4ZsQoKl95iI672y1R5t+hSvw25hjhICyPQ0/Bo8qorAn6Zfl6und4P1KVOAb0Ewd:Elnl6VJAew25huNXxSQZdI5eX5yIpO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 637b0adb3a1a0fa8fb0083fc2f836011_JaffaCakes118
Files
637b0adb3a1a0fa8fb0083fc2f836011_JaffaCakes118.exe windows:4 windows x86 arch:x86
48e930e7f87e4e8d6e750e5bc1efdfbe
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteFile
GetLastError
SetFilePointer
GetLocalTime
DeleteFileA
GetWindowsDirectoryA
GetModuleFileNameA
GetVersionExA
GetDateFormatA
GetTimeFormatA
GetSystemDirectoryA
LocalFree
FormatMessageA
GetProcAddress
LoadLibraryA
FreeLibrary
GetModuleHandleA
GetCurrentProcess
LoadLibraryExA
LockResource
LoadResource
SizeofResource
FindResourceExA
EnumResourceLanguagesA
CreateEventA
WaitForSingleObject
GetSystemDefaultLangID
GetLocaleInfoA
SetLastError
GetCurrentThreadId
TerminateThread
CreateFileA
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
SetEndOfFile
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
DeleteCriticalSection
ReadFile
CloseHandle
FindFirstFileA
FindNextFileA
FindClose
GetFileAttributesA
CreateDirectoryA
InterlockedIncrement
InterlockedDecrement
GetPrivateProfileStringA
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
SetUnhandledExceptionFilter
GetOEMCP
InitializeCriticalSection
TlsGetValue
RtlUnwind
RaiseException
CreateThread
TlsSetValue
ExitThread
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
TerminateProcess
HeapReAlloc
HeapAlloc
HeapSize
TlsAlloc
GetACP
user32
ReleaseDC
GetDlgItem
PostMessageA
DialogBoxParamA
GetWindowLongA
SetWindowLongA
DefWindowProcA
RegisterClassExA
CreateWindowExA
FindWindowA
IsDlgButtonChecked
CheckRadioButton
keybd_event
LoadStringA
GetDlgCtrlID
LoadCursorA
SetFocus
DestroyWindow
PostQuitMessage
BeginPaint
GetClientRect
LoadBitmapA
EndPaint
SetWindowTextA
GetSystemMetrics
ShowWindow
UpdateWindow
SendMessageA
SetDlgItemTextA
ExitWindowsEx
GetMessageA
TranslateMessage
DispatchMessageA
EndDialog
LoadIconA
SendDlgItemMessageA
CharNextA
gdi32
SelectObject
StretchBlt
DeleteDC
GetObjectA
CreateFontIndirectA
DeleteObject
CreateSolidBrush
CreateCompatibleDC
advapi32
AdjustTokenPrivileges
OpenProcessToken
RegCreateKeyExA
RegSetValueExA
RegCloseKey
LookupPrivilegeValueA
ole32
CoCreateInstance
CoUninitialize
CoInitialize
OleRun
oleaut32
SysAllocString
VariantClear
SysFreeString
Sections
.text Size: 92KB - Virtual size: 88KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 16KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.prdata Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE