67bf876fef091a4a4c9723d9fccfa56c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

67bf876fef091a4a4c9723d9fccfa56c_JaffaCakes118
Size

354KB
MD5

67bf876fef091a4a4c9723d9fccfa56c
SHA1

15f118ae84c25cbb994b698aba24afb4c5ed51d6
SHA256

a80a2be54a448d104ad0afb2f5878b16cd88fcb0c612bce0ec102e6be5320563
SHA512

fa53febc063d06fb6155d0602cc20c909384a5e8c3fc5eaceba579e8a4be8cc36717f5140a71a5b6fb5d00484a911b58565572003de291553660109eafd4d6c9
SSDEEP

6144:TTUyAs15d/3BfydG/wyBMUyAg8jId0a3kPx/GA6UerC26ie+T5SvCtWR+:/53B6GnBMUQyaUZGAjLvC88

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67bf876fef091a4a4c9723d9fccfa56c_JaffaCakes118

Files

67bf876fef091a4a4c9723d9fccfa56c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d1fec85a869845266c90f7f98a8e91f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
DisableThreadLibraryCalls
CreateEventW
CloseHandle
SetEvent
LocalFree
Sleep
GetCurrentProcess
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleHandleA
GetModuleFileNameA
lstrlenA
GetTickCount
lstrcatA
GetModuleHandleW
LCMapStringW
SwitchToThread
lstrlenW
GetProcessHeap
GetVersionExW
UnhandledExceptionFilter
FindResourceExW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
SearchPathW
InterlockedCompareExchange
InterlockedExchange
GetDateFormatW
GetTimeFormatW
LoadLibraryW
GlobalUnlock
GetSystemTimeAsFileTime
InterlockedDecrement
CompareStringW
GetModuleFileNameW
ResetEvent
LoadResource
FindResourceW
LoadLibraryExW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CreateFileW
CompareFileTime
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringA
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
HeapSize
GetCPInfo
GetOEMCP
GetSystemInfo
GetACP
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
WriteFile
ExitProcess
VirtualQuery
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
WaitForSingleObject
CreateThread
LocalAlloc
WaitForMultipleObjects
SetUnhandledExceptionFilter
TerminateProcess
GetCommandLineA
HeapDestroy
VirtualProtect
GetVersionExA
GetStartupInfoA
RtlUnwind
HeapFree
HeapAlloc

user32

SendMessageW
LoadStringA
SendMessageA
FindWindowA
MessageBoxW
GetDlgItem
TranslateMessage
DispatchMessageW
LoadCursorW
SetCursor
PostMessageW
GetDesktopWindow
GetClientRect
GetWindowRect
MoveWindow
LoadStringW
CreateDialogParamW
EnableWindow
SetWindowTextW
GetFocus
DialogBoxParamW
SetFocus
ShowWindow
SetDlgItemTextW
EnumWindows
PeekMessageW
IsWindow
FindWindowExW

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegisterServiceCtrlHandlerW
SetServiceStatus
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW

ole32

CoTaskMemAlloc
CoCreateInstance
CLSIDFromString
CoTaskMemFree

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 559KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d1fec85a869845266c90f7f98a8e91f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 61KB - Virtual size: 61KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 280KB - Virtual size: 559KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 61KB - Virtual size: 61KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 280KB - Virtual size: 559KB

.rsrc
Size: 5KB - Virtual size: 5KB