02f2eaf4ca09458c8a92d9abb62aa961_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

02f2eaf4ca09458c8a92d9abb62aa961_JaffaCakes118
Size

189KB
MD5

02f2eaf4ca09458c8a92d9abb62aa961
SHA1

a7f9564411dcdd586705246c41f7dab8d1c5fecd
SHA256

b1757ef130a2093ed0443d52d82ea8ecb2a10e10329a4e782f072d542319c2a0
SHA512

e3ba43c0b66d8175790f4241f513916d4dafef52156c7d6a61861b62fac96578834b84a666620899b36f7e6465bbdefd127967458e60bb662f1d7ff0aee96844
SSDEEP

3072:cS6p+c/8cBCwrQlxCoSs2o/olv4PK9Xj8+q5pWiwO749/HZPWp1kMtnTHyYADL:o+aaw3s8t4C9YpWiwO749PO1k0yD/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02f2eaf4ca09458c8a92d9abb62aa961_JaffaCakes118

Files

02f2eaf4ca09458c8a92d9abb62aa961_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dbdc9cf125b4908e9a7956ece939c7ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

timeGetDevCaps
timeGetTime
timeBeginPeriod
timeEndPeriod

kernel32

GetTickCount
GetModuleFileNameA
LocalFree
LockResource
GetProcAddress
DisableThreadLibraryCalls
FindResourceA
CreateEventA
GetTapeParameters
GetModuleFileNameW
IsBadReadPtr
GetSystemTimeAsFileTime
LoadResource
CreateThread
ClearCommError
GetCurrentProcessId
SetThreadPriority
InitializeCriticalSection
GetVersionExA
HeapFree
ReleaseMutex
LoadLibraryW
InterlockedDecrement
ResumeThread
CreateSemaphoreA
ReleaseSemaphore
ResetEvent
lstrlenA
LeaveCriticalSection
LoadLibraryA
SetEvent
GetThreadPriority
IsBadWritePtr
EnumResourceNamesA
GetLastError
CreateFileW
GetProcessHeap
TerminateThread
VirtualFree
MultiByteToWideChar
FatalExit
EnterCriticalSection
QueryPerformanceCounter
CloseHandle
GlobalAlloc
GetSystemInfo
GetCurrentThread
InterlockedIncrement
CreateMutexA
GetSystemTime
Sleep
WaitForSingleObject
WideCharToMultiByte
FreeLibrary
DeleteCriticalSection
VirtualAlloc
WaitForMultipleObjects
GetACP
GetExitCodeThread
GetCurrentThreadId
ExitProcess

ole32

CoFreeUnusedLibraries
CoCreateInstance
CreateStreamOnHGlobal
CoRevokeClassObject
CLSIDFromString
CoRegisterClassObject
CoUninitialize
StringFromGUID2
GetRunningObjectTable
StringFromCLSID
CoInitializeEx
CoInitialize
CoTaskMemFree
CreateItemMoniker
CoTaskMemAlloc

advapi32

RegCreateKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegSetValueExA
RegSetValueA
RegCreateKeyExA
RegCloseKey
RegEnumKeyExA

user32

wvsprintfA
CreateWindowExA
LoadStringA
RegisterWindowMessageA
PostThreadMessageA
wsprintfA
GetQueueStatus
MonitorFromWindow
DispatchMessageA
RegisterClassA
MsgWaitForMultipleObjects
GetMessageA
CopyRect
PeekMessageA
DestroyWindow

shell32

SHGetSpecialFolderPathA

quartz

AMGetErrorTextW

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dbdc9cf125b4908e9a7956ece939c7ac

Headers

File Characteristics

Imports

winmm

kernel32

ole32

advapi32

user32

shell32

quartz

Sections

.text Size: 125KB - Virtual size: 125KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 58KB - Virtual size: 58KB

.lib Size: 512B - Virtual size: 112KB

.text
Size: 125KB - Virtual size: 125KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 58KB - Virtual size: 58KB

.lib
Size: 512B - Virtual size: 112KB