175d463cc635d157b5f0356f2dedf646_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

175d463cc635d157b5f0356f2dedf646_JaffaCakes118
Size

173KB
MD5

175d463cc635d157b5f0356f2dedf646
SHA1

833afef85485d17ae11fb77c72cdca1d5ff3e009
SHA256

ad97107da2ad4fff1779fb70d1b5f86c70859f312ded6c9ed6b401e845ff38c0
SHA512

45d14b6682f565143d4e815ed5c960aadc8011b358dfcbeabefdbf7e1b76ff6d14e8c3cc87a407e5dc87b8e7816901b5518324b3962332d3963434b834980231
SSDEEP

3072:eqgcoJbv2ZTpShypuSiuPBL+ZYtVxOkBJsEU6s2niAet3N/3hhJk6tyzuaiSqdhe:eqNoR2x6yASioN+ZMVokBpU2itt3NNtg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
175d463cc635d157b5f0356f2dedf646_JaffaCakes118

Files

175d463cc635d157b5f0356f2dedf646_JaffaCakes118
.exe windows:4 windows x86 arch:x86

16f426a6795b49c03aeab00d9d833208

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

PostThreadMessageA
wsprintfA
LoadStringA
RegisterClassA
CreateWindowExA
GetMessageA
wvsprintfA
MsgWaitForMultipleObjects
CopyRect
DispatchMessageA
MonitorFromWindow
RegisterWindowMessageA
GetQueueStatus
PeekMessageA
DestroyWindow

shell32

SHGetSpecialFolderPathA

ole32

CLSIDFromString
GetRunningObjectTable
CoCreateInstance
CoUninitialize
StringFromCLSID
StringFromGUID2
CoTaskMemFree
CreateItemMoniker
CoInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CoInitializeEx
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemAlloc

winmm

timeGetDevCaps
timeGetTime
timeBeginPeriod
timeEndPeriod

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegSetValueA
RegCreateKeyA
RegEnumKeyExA

quartz

AMGetErrorTextW

kernel32

WaitForSingleObject
CloseHandle
GetSystemTimeAsFileTime
lstrlenA
VirtualFree
FindResourceA
GetTapeParameters
GetVersionExA
InterlockedDecrement
FreeLibrary
VirtualAlloc
InitializeCriticalSection
GetModuleFileNameW
LockResource
HeapFree
LeaveCriticalSection
DeleteCriticalSection
GetExitCodeThread
GetThreadPriority
ClearCommError
IsBadWritePtr
ReleaseMutex
MultiByteToWideChar
CreateThread
ReleaseSemaphore
CreateSemaphoreA
GetCurrentThread
EnumResourceNamesA
ResetEvent
WaitForMultipleObjects
QueryPerformanceCounter
LocalFree
LoadResource
GetSystemInfo
GlobalAlloc
InterlockedIncrement
GetModuleFileNameA
LoadLibraryA
WideCharToMultiByte
CreateMutexA
DisableThreadLibraryCalls
GetTickCount
TerminateThread
CreateFileW
GetSystemTime
GetCurrentThreadId
SetEvent
GetLastError
FatalExit
IsBadReadPtr
GetProcessHeap
GetCurrentProcessId
EnterCriticalSection
Sleep
LoadLibraryW
CreateEventA
SetThreadPriority
GetACP
ResumeThread
GetProcAddress
ExitProcess

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16f426a6795b49c03aeab00d9d833208

Headers

File Characteristics

Imports

user32

shell32

ole32

winmm

advapi32

quartz

kernel32

Sections

.text Size: 125KB - Virtual size: 125KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 43KB - Virtual size: 42KB

.lib Size: 512B - Virtual size: 88KB

.text
Size: 125KB - Virtual size: 125KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 43KB - Virtual size: 42KB

.lib
Size: 512B - Virtual size: 88KB