107b42538a5ebc933fa7ef5835681fa0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

107b42538a5ebc933fa7ef5835681fa0_JaffaCakes118
Size

169KB
MD5

107b42538a5ebc933fa7ef5835681fa0
SHA1

a713e4ac09938dac8ff18355da2606df342c5008
SHA256

647654fc837236fdfd4dc678a684802bc27d1730af04d32a07ceeec5c52cb758
SHA512

67b95bc8fde8f5d811f1d2d38cf2b3c174952892e4738e9bffb0448ac6c0db1c5307955eb9b14387bc4d80b691864dfd705f934f68d67b6953620f71caf7ae2f
SSDEEP

3072:1RvGVZmEPb7Zyb2dUxjlFjtPTQHLDskp1eWZ6DuTKV6NZTJ7TyZufDqj:DvAPb7ZmvlBtuLwqeWZJTb9yZ8Dqj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
107b42538a5ebc933fa7ef5835681fa0_JaffaCakes118

Files

107b42538a5ebc933fa7ef5835681fa0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69dee44f4bf17e77eb400a7d90d5125a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

timeGetDevCaps
timeBeginPeriod
timeGetTime
timeEndPeriod

ole32

CoInitialize
CoInitializeEx
CoRevokeClassObject
CoUninitialize
CoRegisterClassObject
CoFreeUnusedLibraries
CLSIDFromString
CoCreateInstance
GetRunningObjectTable
StringFromGUID2
CreateItemMoniker
CreateStreamOnHGlobal
CoTaskMemFree
StringFromCLSID
CoTaskMemAlloc

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegSetValueA
RegEnumKeyExA

kernel32

HeapFree
ReleaseSemaphore
CreateFileW
SetEvent
LoadResource
lstrlenA
WaitForMultipleObjects
CreateEventA
InterlockedIncrement
ResetEvent
GetTapeParameters
Sleep
MultiByteToWideChar
WideCharToMultiByte
VirtualAlloc
DeleteCriticalSection
LoadLibraryA
InitializeCriticalSection
GlobalAlloc
ClearCommError
SetThreadPriority
GetCurrentThread
LocalFree
GetSystemInfo
CloseHandle
TerminateThread
EnumResourceNamesA
GetACP
EnterCriticalSection
GetCurrentProcessId
ResumeThread
IsBadReadPtr
FreeLibrary
DisableThreadLibraryCalls
GetExitCodeThread
VirtualFree
GetModuleFileNameW
IsBadWritePtr
LoadLibraryW
GetProcAddress
GetSystemTimeAsFileTime
GetModuleFileNameA
CreateSemaphoreA
ReleaseMutex
FindResourceA
GetProcessHeap
FatalExit
GetCurrentThreadId
CreateMutexA
GetSystemTime
LockResource
GetThreadPriority
GetVersionExA
GetLastError
InterlockedDecrement
WaitForSingleObject
CreateThread
GetTickCount
QueryPerformanceCounter
LeaveCriticalSection
ExitProcess

user32

RegisterWindowMessageA
wvsprintfA
CopyRect
MsgWaitForMultipleObjects
GetMessageA
PostThreadMessageA
wsprintfA
CreateWindowExA
DispatchMessageA
LoadStringA
RegisterClassA
GetQueueStatus
MonitorFromWindow
PeekMessageA
DestroyWindow

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69dee44f4bf17e77eb400a7d90d5125a

Headers

File Characteristics

Imports

winmm

ole32

oleacc

advapi32

kernel32

user32

shell32

Sections

.text Size: 111KB - Virtual size: 111KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 53KB - Virtual size: 52KB

.lib Size: 512B - Virtual size: 92KB

.text
Size: 111KB - Virtual size: 111KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 53KB - Virtual size: 52KB

.lib
Size: 512B - Virtual size: 92KB