697629063a1b0d002b9947516917996b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

697629063a1b0d002b9947516917996b_JaffaCakes118
Size

14.2MB
MD5

697629063a1b0d002b9947516917996b
SHA1

1a183374ee5de4747c8b29b957666f72bf207736
SHA256

19400ce85504b0e0d2ee8ca3e47a3cf818a2ffb4f17a857188303a7c6d40bb9a
SHA512

8b66a3a76584b025edf479a6faba0c84f5f4a4b9279230b734f1e331c2504199fc3204108fc5d2660f0da9498de8ebf245447c7dc16f4a9ec468e2b06c2e9b13
SSDEEP

196608:k0jUcUa5FyMMwCtypmd2sTwSftrrxoEeAGbI3vasNeeNXae:3jUcUQF1MwSypmd2sTwcBrreAMsNe8Ke

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
697629063a1b0d002b9947516917996b_JaffaCakes118

Files

697629063a1b0d002b9947516917996b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1da3bceb8255aa1949df7e6faa583e8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

kernel32

GetCommandLineA
CloseHandle
GetLastError
CreateMutexA
SetThreadAffinityMask
GetCurrentThread
GetProcAddress
LoadLibraryA
OutputDebugStringA
SetCurrentDirectoryA
GetModuleFileNameA
Sleep
GetCurrentDirectoryA
CreateDirectoryA
GetFileAttributesA
FindFirstFileA
FindNextFileA
WriteFile
CreateFileA
ReadFile
GetFileSize
GetTickCount
VirtualFree
VirtualAlloc
RtlUnwind
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapSize
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
CreateProcessA
HeapCreate
GetCurrentProcessId
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
GetConsoleCP
GetConsoleMode
RaiseException
InterlockedExchange
InitializeCriticalSection
HeapReAlloc
SetFilePointer
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetLocaleInfoW
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualQuery
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetEndOfFile
GetSystemInfo
IsProcessorFeaturePresent
MapViewOfFile
CreateFileMappingA
CreateFileW
UnmapViewOfFile
InterlockedCompareExchange
GetFullPathNameA
lstrcmpiA
GetLocalTime
QueryPerformanceFrequency
QueryPerformanceCounter
FreeLibrary
WideCharToMultiByte
HeapDestroy

user32

BeginPaint
EndPaint
CheckMenuItem
GetMenuItemCount
EnableWindow
GetDlgItem
EndDialog
SendMessageA
SetFocus
UpdateWindow
ShowWindow
SetWindowPos
SetWindowPlacement
GetWindowPlacement
CheckDlgButton
DialogBoxParamA
InsertMenuA
GetMenuItemID
AppendMenuA
CreateMenu
GetSystemMenu
GetClientRect
GetWindowLongA
CreateWindowExA
GetSystemMetrics
RegisterClassExA
LoadCursorA
LoadImageA
GetKeyboardLayout
GetAsyncKeyState
ToAsciiEx
ToUnicodeEx
MapVirtualKeyExA
ReleaseDC
GetDC
SetForegroundWindow
SetCursor
DestroyWindow
PeekMessageA
TranslateMessage
DispatchMessageA
WaitMessage
SystemParametersInfoA
MessageBoxA
ValidateRect
DefWindowProcA
InvalidateRect
PostQuitMessage
GetWindowRect
SetWindowLongA

gdi32

DeleteObject
SetDIBitsToDevice
GetDeviceGammaRamp
SetDeviceGammaRamp

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyA

shell32

SHGetSpecialFolderPathA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysStringLen
VariantInit
VariantClear

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ars
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

est
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

artem
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

celare
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

diabolus
Size: 852KB - Virtual size: 852KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vitality
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1da3bceb8255aa1949df7e6faa583e8f

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 1.8MB - Virtual size: 1.8MB

.data Size: 1.4MB - Virtual size: 1.4MB

.rsrc Size: 8KB - Virtual size: 8KB

ars Size: 5.4MB - Virtual size: 5.4MB

est Size: 28KB - Virtual size: 28KB

artem Size: 2.9MB - Virtual size: 2.9MB

celare Size: 24KB - Virtual size: 24KB

diabolus Size: 852KB - Virtual size: 852KB

vitality Size: 92KB - Virtual size: 92KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 1.4MB - Virtual size: 1.4MB

.rsrc
Size: 8KB - Virtual size: 8KB

ars
Size: 5.4MB - Virtual size: 5.4MB

est
Size: 28KB - Virtual size: 28KB

artem
Size: 2.9MB - Virtual size: 2.9MB

celare
Size: 24KB - Virtual size: 24KB

diabolus
Size: 852KB - Virtual size: 852KB

vitality
Size: 92KB - Virtual size: 92KB