683bd942618527416a05caf50c4f47c8_JaffaCakes118

General

Target

683bd942618527416a05caf50c4f47c8_JaffaCakes118
Size

29KB
MD5

683bd942618527416a05caf50c4f47c8
SHA1

8b126a2dc3051cf20ebead2990a5bf70f1e47478
SHA256

c8919c610a53422b0ddea1c81b1e7fc919bc82905182e305312dc2682a328c80
SHA512

e1523167b4d4e4a1ddf1f3335a8dfa27d7771ec456f0ed0ddc0fe2700b10ba0ceedf2b65d0cfe55052cb44d6c095691a206cbc546720afb115ac34ff95e06e07
SSDEEP

768:0GamOxYP2aClvpemj21LHwT+JBcgaSNbCNqDrwT2RjRc04:XqTaC9pemj21LQT+JBbaSA8YGjmB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/mwsSrcSp.exe

Files

683bd942618527416a05caf50c4f47c8_JaffaCakes118
.cab
mwsSrcSp.exe
.exe windows:4 windows x86 arch:x86

91ce68eb736c84fd75a62ada15a236a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
CloseHandle
WriteFile
CreateFileA
LockResource
LoadResource
SizeofResource
FindResourceA
FreeLibrary
GetProcAddress
LoadLibraryExA
lstrcmpiA
DeleteFileA
SetFileAttributesA
GetStartupInfoA
ExitProcess
GetCommandLineA
GetModuleHandleA
GetSystemDirectoryA
DeleteCriticalSection
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetLastError
SetLastError
lstrcpyA
GetCurrentDirectoryA
GetFileAttributesA
GetDriveTypeA
GetVersionExA
lstrcatA
lstrcpynA
lstrlenA
CreateDirectoryA
EnumResourceNamesA
SetCurrentDirectoryA
InitializeCriticalSection
RemoveDirectoryA

user32

CharNextA
LoadStringA
wsprintfA
MessageBoxA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegFlushKey
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey

ole32

CoUninitialize
CoInitialize

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 630B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91ce68eb736c84fd75a62ada15a236a3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

version

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 630B

.rsrc Size: 64KB - Virtual size: 60KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 630B

.rsrc
Size: 64KB - Virtual size: 60KB