708be9f1c0964632dc0e9539e42734ef_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

708be9f1c0964632dc0e9539e42734ef_JaffaCakes118
Size

191KB
MD5

708be9f1c0964632dc0e9539e42734ef
SHA1

21ccfbb07d636792c58ad10ce99e731ebb6a9f74
SHA256

c18f46195c353d0b212ab85755af8063bc50cdb6f0a94b3c2053b9e81d686f14
SHA512

3678ff6ed5f01d84218d1d255a9e4b78cbc1eda737ea7527f66b58a2a28c435ed292b4410c49857eb97cafb8a05762f0dbc77b4008e97a9c6b8556859b3e152d
SSDEEP

3072:RehuMgvjeOpINcc6Ht2sZ2LYU4K5VYsghPFlFbH7JfWv:R2uMcq7xYHUYsgp7VHdWv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
708be9f1c0964632dc0e9539e42734ef_JaffaCakes118

Files

708be9f1c0964632dc0e9539e42734ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

267c36a227f1f24ae6028e2287db22d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnregisterClassA
CreateWindowExA
DefWindowProcA
RegisterClassA
GetDesktopWindow
KillTimer
IsWindow
IsIconic
SetTimer
GetClientRect
ClientToScreen
PeekMessageA
MsgWaitForMultipleObjects
SetWindowPos
IsWindowVisible
GetWindowRect
IsRectEmpty
PostThreadMessageA
GetMessageA
DispatchMessageA
DestroyWindow
EndDialog
SetWindowLongA
GetWindowLongA
EnableWindow
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
DialogBoxParamA
FindWindowA
GetProcessWindowStation
EnumDesktopsA
OpenDesktopA
EnumDesktopWindows
CloseDesktop
GetClassNameA
GetWindowThreadProcessId
SystemParametersInfoA
GetDlgItem
SendMessageA
LoadImageA
SetDlgItemTextA
MessageBoxA

kernel32

SetLastError
SetUnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
ReadFile
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetFilePointer
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
FlushFileBuffers
SetStdHandle
SetEndOfFile
HeapSize
HeapAlloc
HeapReAlloc
HeapFree
InterlockedIncrement
InterlockedDecrement
GetVersion
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
MultiByteToWideChar
WideCharToMultiByte
WaitForMultipleObjects
TlsGetValue
GetCurrentThread
ResumeThread
DeleteCriticalSection
CreateThread
TlsSetValue
TlsAlloc
CreateFileA
WaitForSingleObject
TerminateProcess
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
FreeLibrary
LoadLibraryA
GetProcAddress
SetEvent
GetVersionExA
ResetEvent
CreateEventA
GetCurrentProcess
OpenProcess
CloseHandle
ExpandEnvironmentStringsA
FormatMessageA
GetLastError
GetCurrentProcessId
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
LocalFree
GetModuleHandleA
LCMapStringA

advapi32

RegQueryInfoKeyA
RegOpenKeyExA
RegCreateKeyA
RegCloseKey
RegNotifyChangeKeyValue
RegSetValueExA
RegQueryValueExA
RegEnumValueA
OpenProcessToken
GetUserNameA
CopySid
GetLengthSid
IsValidSid
FreeSid
AllocateAndInitializeSid
GetTokenInformation

comctl32

PropertySheetA
CreatePropertySheetPageA

ws2_32

inet_addr
inet_ntoa
htonl

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

267c36a227f1f24ae6028e2287db22d6

Headers

File Characteristics

Imports

user32

kernel32

advapi32

comctl32

ws2_32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 28KB - Virtual size: 32KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 28KB - Virtual size: 32KB

.rsrc
Size: 16KB - Virtual size: 13KB