a97cccf41c1c13939a7a37059c434a65_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a97cccf41c1c13939a7a37059c434a65_JaffaCakes118
Size

583KB
MD5

a97cccf41c1c13939a7a37059c434a65
SHA1

8f0800806fc6893630b12a316e00e42a9ce66f8a
SHA256

5a71d02088d3fecbe2f3e390ac6005a4efbaa89645300f81f1e04169f2c45ad1
SHA512

3615c1512ecd84405ec373f4f7618365e612c9aa22bbb6507ddbe90182c750f5862769446f1db630f5403a1f18cc55e17f6875f9d35bd7482dfa85057f5a7979
SSDEEP

12288:Ku1mW9qExPESAQwyHmSjSPezgFIPhqqC9AZ/f/MAIPh/sFSxfAS:5wW9/xMSAQdLjIez+MhJHZ/fiPh/+Sp3

Score

7^/10

Malware Config

Signatures

Molebox Virtualization software 1 IoCs

Detects file using Molebox Virtualization software.

resource	yara_rule
sample	molebox

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a97cccf41c1c13939a7a37059c434a65_JaffaCakes118

Files

a97cccf41c1c13939a7a37059c434a65_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c810644914e2ea8c7a4c5d6c8f3b3f54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyA
RegDeleteKeyW
RegEnumValueW
RegOpenKeyExA
RegOpenKeyW
RegQueryValueW
RegSetValueA
RegSetValueW

kernel32

CloseHandle
CreateFileA
CreateFileMappingW
CreateFileW
ExitProcess
GetFileSize
InitializeCriticalSection
MapViewOfFile
SetFilePointer
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnmapViewOfFile
WriteFile

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
clock
free
localtime
malloc
memcpy
mktime
signal
sprintf
sscanf
strcpy
time
wcscpy

user32

AdjustWindowRectEx
AppendMenuW
BeginPaint
CallNextHookEx
CallWindowProcW
CheckMenuItem
CloseClipboard
CreateDialogIndirectParamW
CreateMenu
CreatePopupMenu
CreateWindowExW
DefFrameProcW
DefWindowProcW
DestroyCursor
DestroyMenu
DestroyWindow
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIconEx
DrawStateW
EnableWindow
EndPaint
EnumClipboardFormats
ExitWindowsEx
GetAsyncKeyState
GetClassNameW
GetDC
GetDlgItem
GetFocus
GetForegroundWindow
GetKeyState
GetMenuItemCount
GetMenuItemInfoW
GetMenuStringW
GetMessageTime
GetMessageW
GetParent
GetSubMenu
GetSysColor
GetSystemMetrics
GetUpdateRect
GetWindowDC
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InsertMenuItemW
InvalidateRect
IsClipboardFormatAvailable
IsDialogMessageW
IsWindowVisible
KillTimer
LoadBitmapW
LoadCursorFromFileW
LoadCursorW
LoadIconW
LoadImageW
MapWindowPoints
MessageBeep
MessageBoxW
MoveWindow
OffsetRect
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RegisterClassW
RegisterClipboardFormatW
RegisterHotKey
ReleaseDC
SendMessageW
SetFocus
SetForegroundWindow
SetParent
SetTimer
SetWindowPos
SetWindowTextW
SetWindowsHookExW
ShowCaret
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassW
UnregisterHotKey
UpdateWindow
VkKeyScanW
WaitForInputIdle

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 769KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c810644914e2ea8c7a4c5d6c8f3b3f54

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

Sections

.text Size: 21KB - Virtual size: 21KB

.data Size: 512B - Virtual size: 180B

.idata Size: 4KB - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 769KB

.tls Size: 2KB - Virtual size: 56B

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 21KB - Virtual size: 21KB

.data
Size: 512B - Virtual size: 180B

.idata
Size: 4KB - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 769KB

.tls
Size: 2KB - Virtual size: 56B

.rsrc
Size: 16KB - Virtual size: 15KB