82eec1ed394a3380beabaa157adf5e0a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

82eec1ed394a3380beabaa157adf5e0a_JaffaCakes118
Size

52KB
MD5

82eec1ed394a3380beabaa157adf5e0a
SHA1

4c308080d8fd5d4d54f06a5109aa8a0461d67a6f
SHA256

3151112b3fe70ad31cf92435a721d548af48549bb69e925c47d6f5042da09955
SHA512

12ccef5681c588dadcd53681c3120006d6f0b083f6be3e97643caf5c0cb7483e52272559d7960993468df9b2f752bf222b641ffb9a715a29c87ca79c2de1ef86
SSDEEP

1536:hW45VQC1vo9kMLedTr7ZkWIH6VK8mFLc:hW45VQ6QeVr7Zk9yAA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82eec1ed394a3380beabaa157adf5e0a_JaffaCakes118

Files

82eec1ed394a3380beabaa157adf5e0a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b08edd167b0d01bd905beccd60ca1a55

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AllocateAndInitializeSid
ControlService
FreeSid
LockServiceDatabase
LookupAccountSidA
RegCloseKey
RegDeleteKeyA
RegOpenKeyA
RegQueryValueA

kernel32

CloseHandle
CopyFileA
CreateFileA
CreateFileMappingA
CreateMutexA
CreateThread
DeleteCriticalSection
DeviceIoControl
DisableThreadLibraryCalls
EnumSystemLocalesA
ExitProcess
ExpandEnvironmentStringsA
FindFirstFileA
FindResourceA
FormatMessageA
FreeEnvironmentStringsA
FreeLibrary
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsA
GetExitCodeProcess
GetLastError
GetLocalTime
GetModuleHandleA
GetOEMCP
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetPrivateProfileStructA
GetProcAddress
GetProcessHeap
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTempPathA
GetTimeZoneInformation
GetVersionExA
GlobalAlloc
GlobalHandle
GlobalReAlloc
HeapAlloc
HeapFree
HeapSize
InterlockedCompareExchange
InterlockedIncrement
IsBadReadPtr
IsBadWritePtr
IsValidCodePage
LeaveCriticalSection
LoadLibraryA
LocalAlloc
MapViewOfFile
Module32Next
MoveFileA
OpenProcess
QueryPerformanceCounter
ReadFile
ReleaseMutex
SetFileTime
SetStdHandle
SizeofResource
Sleep
TlsAlloc
TlsFree
TlsGetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteConsoleA
WritePrivateProfileStringA
lstrcpynA
lstrlenA

user32

CharLowerA
CharUpperA
ClientToScreen
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DialogBoxParamA
EnumChildWindows
FillRect
GetCursorPos
GetDC
GetMenuItemCount
GetParent
GetProcessWindowStation
GetWindowDC
IsIconic
LoadIconA
LoadStringA
MessageBoxA
OffsetRect
PostMessageA
SendDlgItemMessageA
SetDlgItemTextA
SetWindowLongA
SetWindowPos

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.INIT
Size: 13KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b08edd167b0d01bd905beccd60ca1a55

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 17KB - Virtual size: 20KB

.INIT Size: 13KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 17KB - Virtual size: 20KB

.INIT
Size: 13KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 4KB