Static task
static1
Behavioral task
behavioral1
Sample
01be967e73679d75ba8cdc67d6dcce00_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
01be967e73679d75ba8cdc67d6dcce00_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
01be967e73679d75ba8cdc67d6dcce00_JaffaCakes118
-
Size
237KB
-
MD5
01be967e73679d75ba8cdc67d6dcce00
-
SHA1
b1c408263799e050b03d2f9cdf0dd322e1ef9f09
-
SHA256
2b16d5ecdec167ddce167f9917274afabf36bc73044ad177719a0ddc91fe4b84
-
SHA512
e2d40ea5cc3606437dcce6abc5fb5aad83025fe4df8f24ff8b419d04cf15982f29b35657bc66febde3753f63eb7f8ea6cb6a273383eacd9dd197c21ae01e1a22
-
SSDEEP
3072:I7b96PJn36dTNbHbcbltADs/GfGixCza9LmBmTK26:ug3mJIzefOO9Ks7
Malware Config
Signatures
-
Unsigned PE 1 IoCs
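Checks for a missing Authenticode signature: none was found on this PE, so its publisher and integrity cannot be verified from the file itself. On its own this is a weak indicator, since many legitimate binaries are also unsigned.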
resource 01be967e73679d75ba8cdc67d6dcce00_JaffaCakes118
Files
-
01be967e73679d75ba8cdc67d6dcce00_JaffaCakes118.exe windows:4 windows x86 arch:x86
a33ede390059c3f66c0b4dba8ba2dd44
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReadFile
VirtualAlloc
CreateFileW
GetStartupInfoW
EnterCriticalSection
LoadLibraryExA
SetEvent
GetTempFileNameW
GetTickCount
GetTempPathW
UnmapViewOfFile
GetModuleHandleW
CloseHandle
CreateProcessW
GetModuleFileNameW
GetLastError
SetLastError
DeleteCriticalSection
lstrcpynW
GetModuleHandleA
GetCommandLineW
GetSystemDirectoryW
lstrcatW
FormatMessageW
lstrlenW
lstrcpyW
LocalFree
user32
LoadIconW
LoadCursorW
LoadIconA
GetParent
DialogBoxParamW
SendMessageW
LoadStringW
SetDlgItemTextW
GetSysColor
DrawIconEx
FillRect
GetSysColorBrush
SetWindowTextW
EnableWindow
GetDlgItem
SetWindowPos
ShowWindow
EndDialog
MessageBoxW
SetWindowLongW
GetWindowLongW
gdi32
GetStockObject
GetObjectW
SetTextColor
SetBkMode
CreatePen
SelectObject
Polyline
DeleteObject
CreateFontIndirectW
msvcrt
_except_handler3
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_vsnwprintf
__set_app_type
_controlfp
advapi32
RegOpenKeyA
shlwapi
PathFindFileNameW
PathRemoveFileSpecW
PathAppendW
PathQuoteSpacesW
StrCmpW
StrToIntW
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data24 Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data23 Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data21 Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data20 Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data19 Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data5 Size: 198KB - Virtual size: 197KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text13 Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.text12 Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.text6 Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.text5 Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 724B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ