10d420f7a1b18ecb1c3360d32e773431_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

10d420f7a1b18ecb1c3360d32e773431_JaffaCakes118
Size

508KB
MD5

10d420f7a1b18ecb1c3360d32e773431
SHA1

17aeefd6531393771f9371ff61a61b04e23829a5
SHA256

999aef7839403bcc8581a1040ae61b6b0692ad4266f552c92a6638b9b57c841a
SHA512

80d5f79c24b98f9776c7c34e71af0b5d92c5f3eb2d26b029edade2c2c8d26de01612c1009eb446530dcc84bea0364c330a4e8ced7bbbe35c3a33c05847fefb09
SSDEEP

12288:N13qyCIK4SUtHnIM9/ULB8/9Zd4yzfeiNMmIa02PQ:N6lAIUULBkdJzt+mX00Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5871.exe
unpack001/RESIDE~1.EXE

Files

10d420f7a1b18ecb1c3360d32e773431_JaffaCakes118
.cab
5871.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RESIDE~1.EXE
.exe windows:4 windows x86 arch:x86

e161f81e891e726942e2f6d0be02bb00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringA
WritePrivateProfileStringA
OutputDebugStringA
CreateMutexA
GetLastError
HeapReAlloc
GetStdHandle
GetFileType
TlsSetValue
SetEnvironmentVariableA
CompareStringW
ExitThread
HeapFree
LoadLibraryA
SetEndOfFile
GetACP
CreateFileA
GetOEMCP
GetCPInfo
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetFilePointer
IsBadWritePtr
GetProcAddress
GetModuleHandleA
Sleep
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
MultiByteToWideChar
CreateEventA
CloseHandle
SetEvent
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
InterlockedDecrement
InterlockedIncrement
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
CreateThread
GetCurrentThreadId
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapAlloc
ReleaseMutex
TlsAlloc
SetLastError
TlsGetValue
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
ReadFile
VirtualAlloc
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
CompareStringA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
LCMapStringA
LCMapStringW
RaiseException
HeapSize

user32

LoadMenuA
GetWindowLongA
PostMessageA
EndDialog
KillTimer
GetSystemMetrics
SetTimer
MessageBoxA
DefWindowProcA
DestroyWindow
LoadStringA
GetDC
CreateWindowExA
SetWindowLongA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
PeekMessageA
LoadAcceleratorsA
GetWindowRect
UpdateWindow
ShowWindow
SetCursor
PostQuitMessage
SetWindowPos
AdjustWindowRect
GetMenu
ClientToScreen
GetClientRect
ReleaseDC
CallWindowProcA
TrackPopupMenuEx
RegisterClassA
LoadCursorA
LoadIconA
SetRect
RedrawWindow
DrawMenuBar
FillRect
GetSubMenu
SendMessageA
DestroyMenu
DialogBoxParamA
SetDlgItemTextA
SendDlgItemMessageA
CheckRadioButton
GetDlgItem
InvalidateRect

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance

comctl32

CreatePropertySheetPageA
PropertySheetA

winmm

timeGetTime

imm32

ImmAssociateContext

ddraw

DirectDrawEnumerateA
DirectDrawCreate

dsound

ord2
ord1

dinput

DirectInputCreateA

msacm32

acmDriverDetailsA
acmDriverEnum
acmDriverOpen
acmMetrics
acmFormatSuggest
acmStreamOpen
acmStreamSize
acmStreamPrepareHeader
acmStreamConvert
acmStreamUnprepareHeader
acmStreamClose
acmDriverClose

gdi32

GetObjectA
CreateDIBSection
GetDeviceCaps
GetStockObject
CreateFontA
DeleteDC
SetTextColor
SetBkColor
ExtTextOutA
DeleteObject
CreateCompatibleDC
BitBlt
SelectObject

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 11KB - Virtual size: 11KB

DATA Size: 512B - Virtual size: 200B

BSS Size: - Virtual size: 4KB

.idata Size: 1KB - Virtual size: 1KB

.tls Size: - Virtual size: 4B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: - Virtual size: 692B

.rsrc Size: 512B - Virtual size: 512B

e161f81e891e726942e2f6d0be02bb00

Headers

File Characteristics

Imports

kernel32

user32

ole32

comctl32

winmm

imm32

ddraw

dsound

dinput

msacm32

gdi32

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 132KB - Virtual size: 5.3MB

.rsrc Size: 8KB - Virtual size: 7KB

CODE
Size: 11KB - Virtual size: 11KB

DATA
Size: 512B - Virtual size: 200B

BSS
Size: - Virtual size: 4KB

.idata
Size: 1KB - Virtual size: 1KB

.tls
Size: - Virtual size: 4B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 692B

.rsrc
Size: 512B - Virtual size: 512B

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 132KB - Virtual size: 5.3MB

.rsrc
Size: 8KB - Virtual size: 7KB