974d7cb2def23d6e80c78ec95270572a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

974d7cb2def23d6e80c78ec95270572a_JaffaCakes118
Size

321KB
MD5

974d7cb2def23d6e80c78ec95270572a
SHA1

8ab5807c65e4ca843070dcb0f14d0173a9db4210
SHA256

9d581ee670d94607400cd9a614b8c3d718a97d269dccabf43afe47bc5a9da8ec
SHA512

71b431979327aacaa524e402922428dc7f4d08399e12e497680e9ef79769b7ea402592121356084339e62909228b653d601b0882fa21d9837aae5683325ae945
SSDEEP

6144:s2BZPedpd4dvqQDYtbPTBFl7jAO0w/HrOZRk0i0MwG2D9:sOZPedpd4lDwLTLl7jdLaRkP0MwG2D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
974d7cb2def23d6e80c78ec95270572a_JaffaCakes118

Files

974d7cb2def23d6e80c78ec95270572a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d918660b47b512b9883a38bec0a11954

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetSystemDirectoryW
GetShortPathNameW
DeleteFileW
WinExec
WideCharToMultiByte
GetModuleHandleA
FreeLibrary
SearchPathA
GetShortPathNameA
ExitProcess
MultiByteToWideChar
CopyFileW
GetTempFileNameW
GetTempPathW
GetLastError
CreateMutexW
WaitForSingleObject
OpenEventW
CreateEventW
GetCommandLineW
GetProcAddress
SystemTimeToFileTime
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
CreateFileA
Sleep
TerminateProcess
ReadFile
GetModuleFileNameW
GetModuleHandleW
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetSystemTime
GetTickCount
SetEvent
CreateFileW
WriteFile
CloseHandle
GetStartupInfoA
GetFileType
SetHandleCount
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapSize
GetStdHandle
HeapCreate
HeapAlloc
HeapFree
RtlUnwind
ExitThread
ResumeThread
CreateThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetVersionExA
GetProcessHeap
GetStartupInfoW
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentProcess
IsDebuggerPresent
RaiseException
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy

user32

DispatchMessageW
TranslateMessage
GetMessageW
DialogBoxParamW
GetDC
EndDialog
SetDlgItemTextA
ShowWindow
UpdateWindow
SetTimer
UnregisterClassW
DefWindowProcW
KillTimer
PostQuitMessage
BeginPaint
EndPaint
GetClientRect
CreateWindowExW
DrawTextW
GetWindowDC
ReleaseDC
GetWindowLongW
SetWindowLongW
GetWindowPlacement
SetWindowPlacement
GetDesktopWindow
GetWindowRect

gdi32

SetBkMode
SetTextColor
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetDIBits
DeleteDC
CreatePen
SelectObject
CreateSolidBrush
Rectangle
DeleteObject
SetDIBitsToDevice
CreateFontW

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

CommandLineToArgvW
SHGetFolderPathA

rpcrt4

UuidCreate
RpcStringFreeW
UuidToStringW

wininet

InternetCrackUrlW

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d918660b47b512b9883a38bec0a11954

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

rpcrt4

wininet

iphlpapi

Sections

.text Size: 162KB - Virtual size: 162KB

.rdata Size: 51KB - Virtual size: 50KB

.data Size: 102KB - Virtual size: 110KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 162KB - Virtual size: 162KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 102KB - Virtual size: 110KB

.rsrc
Size: 5KB - Virtual size: 4KB