Static task
static1
Behavioral task
behavioral1
Sample
64a7fe1d1c3439de2802ab0f3db1473a_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
64a7fe1d1c3439de2802ab0f3db1473a_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
64a7fe1d1c3439de2802ab0f3db1473a_JaffaCakes118
Size
91KB
MD5
64a7fe1d1c3439de2802ab0f3db1473a
SHA1
c9421a27f317fac02ca7ab84a5c985786ff202d4
SHA256
15aba56e14e30938a6cc904f8b355a6303a84f57d2c71f9a26df705b1075e2bf
SHA512
7d526fd23af036f461d19c6a17033ab566dc19067696b824fcbd881cfb604df5e738c992136df544b887e7826362b83034f1fec857e608968bb96638aaf77441
SSDEEP
1536:sLy/rIvJEiB8hQ3car9RHNeM7S7MPjHlcnh0XXPR52sGlwHsdh:Yy/8vJEkeQ3carheOS7gHlch0XXqplV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 64a7fe1d1c3439de2802ab0f3db1473a_JaffaCakes118
Files
64a7fe1d1c3439de2802ab0f3db1473a_JaffaCakes118.exe windows:5 windows x86 arch:x86
7f2da162889cd469e15972bc46d271bf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoCreateInstance
CLSIDFromProgID
OleInitialize
advapi32
RegOpenKeyExA
CryptCreateHash
CryptHashData
RegCloseKey
CryptGetHashParam
CryptAcquireContextA
RegQueryValueExA
CryptDestroyHash
user32
CharPrevA
SetWindowTextA
GetWindowRect
CharUpperA
SetWindowPos
MessageBoxA
wsprintfA
SetForegroundWindow
LoadStringA
GetDlgItem
SendMessageA
EnableWindow
GetDlgItemTextA
ShowWindow
ExitWindowsEx
GetDC
CallWindowProcA
DialogBoxIndirectParamA
PeekMessageA
EndDialog
SetDlgItemTextA
SendDlgItemMessageA
MessageBeep
GetWindowLongA
GetDesktopWindow
DispatchMessageA
MsgWaitForMultipleObjects
CharNextA
SetWindowLongA
ReleaseDC
ntdll
RtlCreateSecurityDescriptor
RtlSetDaclSecurityDescriptor
NtQuerySecurityObject
RtlInitAnsiString
RtlInitUnicodeString
RtlGetDaclSecurityDescriptor
NtSetSecurityObject
NtQueryObject
RtlEqualUnicodeString
kernel32
GetSystemDirectoryW
CloseHandle
WriteFile
ReleaseSemaphore
ReleaseMutex
InterlockedDecrement
GetLastError
GetCurrentProcessId
VirtualFree
LoadResource
RemoveDirectoryW
GetTempFileNameW
LockResource
FindResourceW
FindClose
CreateDirectoryW
GetFileAttributesW
CreateFileW
GetUserDefaultLangID
GetCurrentProcess
VirtualAlloc
lstrlenA
IsBadReadPtr
GetCurrentThreadId
HeapFree
HeapAlloc
GetWindowsDirectoryA
DeleteFileW
MultiByteToWideChar
ReadFile
lstrcmpiA
GetSystemTime
GetSystemTimeAsFileTime
GetProcessHeap
FindFirstFileW
SetFileAttributesA
GetVersionExA
SetFilePointer
GetSystemDefaultLangID
GetStartupInfoA
CreateSemaphoreA
LocalFree
GetFileSize
GlobalWire
UnhandledExceptionFilter
VirtualLock
GetPrivateProfileIntW
OpenSemaphoreA
SetLastError
FindNextFileW
DeviceIoControl
VirtualUnlock
InterlockedIncrement
GetTempPathW
QueryPerformanceCounter
CreateFileA
SetUnhandledExceptionFilter
SetEndOfFile
CreateMutexA
SizeofResource
GetPrivateProfileStringW
GetTickCount
gdi32
GetObjectA
DeleteObject
GetStockObject
CreateFontIndirectA
Sections
.text Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 117KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.hkab Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.edata Size: 138KB - Virtual size: 255KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ