837f6c44728d0ea7317f4a57fe0bb9ed_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

837f6c44728d0ea7317f4a57fe0bb9ed_JaffaCakes118
Size

192KB
MD5

837f6c44728d0ea7317f4a57fe0bb9ed
SHA1

8b3be48b0f4c02b3027ff652c37c1933f9b0a07a
SHA256

3ca0545c42735947ca42cec00a334326f4b32a06bf44f7630c6c2f544cbaf110
SHA512

bbcbeac4d8fbe21829e0e3901bce71ee55cb44d60fa0834551c49599c2bdff72d55280f9c308cd3614267b112ccda8909222cadbce834a05034268388ce57c13
SSDEEP

3072:X8eN+Vr1oNoZMjRpt34Z/81LFX7RM/QFYADVo5YpKdS/ldbioQ7D+GhCd5FsRDKF:slVhsoW3QilRFYQkYUdSt8oQ7D+DdGKF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
837f6c44728d0ea7317f4a57fe0bb9ed_JaffaCakes118

Files

837f6c44728d0ea7317f4a57fe0bb9ed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d24afb0223ab77c6208b848d6d61991

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetPrivateProfileStringA
lstrlenA
GetModuleFileNameA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcpyA
CreateProcessA
GetProfileStringA
CreateFileA
lstrcmpiA
WideCharToMultiByte
GetLastError
WaitForSingleObject
lstrcatA
CreateThread
CloseHandle
GetProcAddress
OpenProcess
LoadLibraryA
GetModuleHandleA
FreeLibrary
GetLocaleInfoA
GetSystemDefaultLangID
MultiByteToWideChar
LCMapStringA
HeapAlloc
SetEnvironmentVariableA
CompareStringW
CompareStringA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
WritePrivateProfileStringA
lstrcpynA
WriteFile
GetFileAttributesA
CreateDirectoryA
GetVersionExA
GetWindowsDirectoryA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
RtlUnwind
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetTimeZoneInformation
FreeEnvironmentStringsA
RaiseException
FreeEnvironmentStringsW
GetEnvironmentStrings
LCMapStringW
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
GetCPInfo
GetACP
GetOEMCP
GetFullPathNameA
GetCurrentDirectoryA
UnhandledExceptionFilter
HeapCreate
VirtualFree
GetStringTypeA
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
IsBadCodePtr
GetStringTypeW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr

user32

MessageBeep
wsprintfA
GetClassNameA
GetWindowTextA
EnumWindows
MessageBoxA
FindWindowA
LoadCursorA
SetCursor
ShowCursor

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
RegQueryInfoKeyA
RegDeleteKeyA

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9d24afb0223ab77c6208b848d6d61991

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 80KB - Virtual size: 80KB