96b63143e9743a9d029d48ea5ae3734c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

96b63143e9743a9d029d48ea5ae3734c_JaffaCakes118
Size

36KB
MD5

96b63143e9743a9d029d48ea5ae3734c
SHA1

c9e2f75a7a0a1af03a8db3456fdd2574644c5b65
SHA256

90f17c53155c19be364e8ec0351c52d3799ce7621dcb8cd8ba3ce2ff57eae6c8
SHA512

726edd08ff1e2b5c5cc04640ff48fc1afb6cfebd40e03c511945a36f4525019fb737a4ddd2f313ccc2587514aec7ed40f511cda67d5d25303b1b2d685ad7609a
SSDEEP

768:OjN8j/Gft5ZHfS/L5CI4yLH3/ZSOB+fhvvz:K6jO/Za/QIX73/Z8hvvz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96b63143e9743a9d029d48ea5ae3734c_JaffaCakes118

Files

96b63143e9743a9d029d48ea5ae3734c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fe23cd1ef3959dcb275509d10002628b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
SetFileAttributesA
lstrlenA
FindClose
CreateMutexA
CreateDirectoryW
FindFirstFileW
GetWindowsDirectoryA
SetFilePointer
MoveFileA
ReadFile
GetCurrentProcessId
ReleaseSemaphore
GetUserDefaultLangID
WriteFile
QueryPerformanceCounter
FindResourceW
VirtualAlloc
CreateFileW
GetTempFileNameW
CloseHandle
VirtualQuery
SetVolumeLabelA
MultiByteToWideChar
GetTempPathW
GetSystemDirectoryW
CreateFileA
GetTickCount
SetLastError
SizeofResource
CreateSemaphoreA
LoadResource
GetCurrentProcess
InterlockedIncrement
GetCurrentThreadId
RemoveDirectoryW
IsBadReadPtr
DeleteFileW
GetVersionExA
GetFileSize
DeviceIoControl
VirtualUnlock
GetPrivateProfileStringW
InterlockedDecrement
HeapFree
GetSystemTime
lstrcmpiA
ReleaseMutex
LockResource
GetSystemDefaultLangID
GetProcessHeap
GetStartupInfoA
UnhandledExceptionFilter
GetLastError
LocalFree
GetSystemTimeAsFileTime
HeapAlloc
GetFileAttributesW
VirtualLock
SetUnhandledExceptionFilter
GetPrivateProfileIntW
FindNextFileW
VirtualFree

user32

SetDlgItemTextA
DialogBoxIndirectParamA
ReleaseDC
EnableWindow
CallWindowProcA
EndDialog
SetWindowLongA
CharPrevA
MessageBoxA
CharUpperA
SetForegroundWindow
CharNextA
SendDlgItemMessageA
SetWindowPos
ExitWindowsEx
GetDC
PeekMessageA
DispatchMessageA
MsgWaitForMultipleObjects
GetWindowLongA
MessageBeep
wsprintfA
SendMessageA
GetWindowRect
GetDlgItemTextA
LoadStringA
GetDesktopWindow
GetDlgItem
SetWindowTextA
ShowWindow

gdi32

DeleteObject
GetStockObject
GetObjectA
CreateFontIndirectA

advapi32

CryptAcquireContextA
CryptGetHashParam
RegOpenKeyExA
CryptHashData
RegQueryValueExA
CryptCreateHash
CryptDestroyHash
RegCloseKey

ole32

CoGetInterfaceAndReleaseStream
CLSIDFromProgID
OleInitialize
CoCreateInstance
CoMarshalInterThreadInterfaceInStream

ntdll

NtQueryObject
RtlEqualUnicodeString
RtlCreateSecurityDescriptor
RtlInitUnicodeString
RtlGetDaclSecurityDescriptor
NtQuerySecurityObject
RtlSetDaclSecurityDescriptor
NtSetSecurityObject
RtlInitAnsiString

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lvbe
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 139KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe23cd1ef3959dcb275509d10002628b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

ntdll

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 117KB

.lvbe Size: 3KB - Virtual size: 3KB

.edata Size: 139KB - Virtual size: 247KB

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 117KB

.lvbe
Size: 3KB - Virtual size: 3KB

.edata
Size: 139KB - Virtual size: 247KB