8a25bc81bbfca1f709cbb3405f6b822b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8a25bc81bbfca1f709cbb3405f6b822b_JaffaCakes118
Size

159KB
MD5

8a25bc81bbfca1f709cbb3405f6b822b
SHA1

55c5b07910e45dfeb99f0db0ba10acf2944e2b51
SHA256

46e2dbda67918bbf18f40728a981f04e7e8baa699fd587e5009fc35dc75ae54a
SHA512

b5d246488abf52475f7fa206c97bbcebe3e844151c498fa68ce58e34bca5c612c96f0073cec44e310f8c3a371ab147fbb2607c42122dcc7f9ca6df90015b2def
SSDEEP

3072:+AQyIlQyQQl4TwWWxz+vrpVx2gmJnEvoUzRk/1snKd+4XlCzvzGWiFyU9X:YyHyOTwWWArpfk4S24VC/GWi/x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bratok.exe

Files

8a25bc81bbfca1f709cbb3405f6b822b_JaffaCakes118
.zip
bratok.exe
.exe windows:4 windows x86 arch:x86

34872398986a0a453607a7fcf604dd2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
GetModuleFileNameA
GetTempFileNameA
CopyFileA
CreateDirectoryA
DeleteFileA
GlobalAlloc
WinExec
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalDeleteAtom
GetTickCount
GlobalLock
GlobalUnlock
CloseHandle
MultiByteToWideChar
OpenFileMappingA
MapViewOfFile
CreateFileMappingA
GetLastError
UnmapViewOfFile
LocalLock
LocalAlloc
LocalUnlock
LocalFree
SizeofResource
GlobalReAlloc
LockResource
FindResourceA
LoadResource
GetProfileStringA
FreeResource
lstrcatA
GetStartupInfoA
GlobalAddAtomA
GetFileAttributesA
FlushFileBuffers
CreateFileA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
WriteFile
GetOEMCP
GetACP
GetCPInfo
GetFileType
GetStdHandle
SetHandleCount
SetStdHandle
SetFilePointer
ReadFile
VirtualAlloc
VirtualFree
HeapCreate
GlobalFree
HeapDestroy
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetModuleHandleA
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind
GetProcAddress
LoadLibraryA
SetEndOfFile
HeapSize
LCMapStringA
LCMapStringW

user32

MessageBoxA
LoadStringA
UnpackDDElParam
CheckMenuItem
wsprintfA
FreeDDElParam
GetWindowRect
SetRect
IsWindow
GetDC
ReleaseDC
GetCursorPos
ShowWindow
SetWindowPos
SendMessageA
DialogBoxParamA
MoveWindow
GetClientRect
EndDialog
DestroyCursor
SetTimer
KillTimer
InvalidateRect
SetCursor
PtInRect
LoadCursorA
GetAsyncKeyState
EndPaint
BeginPaint
SetDlgItemTextA
GetDlgItemTextA
CopyRect
GetWindow
GetClassNameA
GetTopWindow
GetDesktopWindow
IsWindowVisible
GetWindowLongA
EnumWindows
GetUpdateRect
IntersectRect
UpdateWindow
EqualRect
SetRectEmpty
UnionRect
LoadIconA
TranslateMessage
DispatchMessageA
FindWindowA
PostQuitMessage
SetClassWord
SetWindowTextA
DefWindowProcA
SetForegroundWindow
TrackPopupMenu
DestroyWindow
DestroyMenu
CreateWindowExA
LoadMenuA
GetSubMenu
RegisterClassA
OffsetRect
FillRect
SetWindowLongA
PostMessageA
GetMessageA
IsRectEmpty

gdi32

RealizePalette
GetObjectA
DeleteDC
DeleteObject
BitBlt
SetMapMode
SetBkColor
CreateCompatibleBitmap
CreateBitmap
GetMapMode
SelectObject
CreateCompatibleDC
GetPixel
GetStockObject
SetBkMode
GetDeviceCaps
CreateDIBitmap
CreatePalette
CreateSolidBrush
SelectClipRgn
CreateRectRgnIndirect
SetRectRgn
SelectPalette

comdlg32

GetOpenFileNameA

advapi32

RegQueryValueA
RegCloseKey
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

winmm

mciSendCommandA

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34872398986a0a453607a7fcf604dd2b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

winmm

Sections

.text Size: 92KB - Virtual size: 92KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 23KB - Virtual size: 39KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 127KB - Virtual size: 127KB

.text
Size: 92KB - Virtual size: 92KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 23KB - Virtual size: 39KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 127KB - Virtual size: 127KB