07433209f754aa905685fe6ade2955b9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07433209f754aa905685fe6ade2955b9_JaffaCakes118
Size

192KB
MD5

07433209f754aa905685fe6ade2955b9
SHA1

3ddf30e1a0ac4f9c4a7bcf8b4c3723555ffdeab6
SHA256

aafb37f34696a161e426353dd64542729e5c3cc3dddef81d9b619d44adf797da
SHA512

272c5b54c23322b50dffd434cd3941748d77fc153ca298fb9ef2d4f35f4da0c653e27b9e5dc3f9bb709bb27179cf2c571d59996aa955b08880bb4068f8562ed7
SSDEEP

3072:TxQb/NeW45B3ugyIWhQfnQLFWMpYRovrHzUL/H12rAQds32F6S:NSQfuWsYK0qs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07433209f754aa905685fe6ade2955b9_JaffaCakes118

Files

07433209f754aa905685fe6ade2955b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8c63a3c598a1c09ad373c9ce8402db97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetSystemTime
InterlockedIncrement
DeleteCriticalSection
lstrlenW
MultiByteToWideChar
lstrlenA
InitializeCriticalSection
GetShortPathNameA
GetModuleFileNameA
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcpynA
IsDBCSLeadByte
HeapDestroy
GetModuleHandleA
GetCommandLineA
GetCurrentThreadId
lstrcatA
LeaveCriticalSection
EnterCriticalSection
InterlockedExchange
LocalFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetOEMCP
GetACP
LCMapStringW
LCMapStringA
lstrcmpiA
Sleep
WaitForSingleObject
GetProcAddress
CreateEventA
GetEnvironmentStringsW
CloseHandle
CreateThread
LoadLibraryA
lstrcpyA
InterlockedDecrement
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetStdHandle
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
SetEvent
HeapSize
WriteFile
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
SetUnhandledExceptionFilter
FlushFileBuffers
UnhandledExceptionFilter
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetTimeZoneInformation
GetLocalTime
RaiseException
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
SetFilePointer
IsBadWritePtr
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
VirtualAlloc

user32

SendMessageTimeoutA
CharNextA
RegisterClassExA
MessageBoxA
PostThreadMessageA
EnumChildWindows
GetClassNameA
GetWindowThreadProcessId
EnumWindows
RegisterWindowMessageA
CreateWindowExA
LoadStringA
DispatchMessageA
TranslateMessage
GetMessageA
DefWindowProcA

advapi32

RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegSetValueExA

ole32

CoCreateInstance
CoInitialize
CoDisconnectObject
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoRegisterClassObject
CoRevokeClassObject
CreateStreamOnHGlobal

oleaut32

VarUI4FromStr
LoadRegTypeLi
SysStringLen
SysAllocString
RegisterTypeLi
LoadTypeLi
SysFreeString
VariantClear

oleacc

ObjectFromLresult

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c63a3c598a1c09ad373c9ce8402db97

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

oleacc

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 176KB

.rsrc Size: 76KB - Virtual size: 74KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 176KB

.rsrc
Size: 76KB - Virtual size: 74KB