25212c1fcad2d3bafc9352c6c758229d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

25212c1fcad2d3bafc9352c6c758229d_JaffaCakes118
Size

2.5MB
MD5

25212c1fcad2d3bafc9352c6c758229d
SHA1

46aa861565496bf38703f5f15fc8fd3b7a0856c8
SHA256

a735749ac180ec80a3e8c463570a1438da94d7a2e104e4c57087fb3b1f1661e6
SHA512

b217167e7ce0c6dcc47467cebab1d806982dc8106d4d5c1c6d5c0a745b5ecbd3f5c66020084674359aa0e555c25617246d2292385ec609fd290526b6fd8de42d
SSDEEP

24576:APvOoYe/hWXa+mKrShOm6aqB5QcK/eDn8iZxP4xD3/IKNzmnXWAucpLlECZ2lpE:APOaHiSP6a7ezVkA0wP4lpEq+Mh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25212c1fcad2d3bafc9352c6c758229d_JaffaCakes118

Files

25212c1fcad2d3bafc9352c6c758229d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

549330111294e064b0434c4b0f950b7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
ExitProcess
GetACP
GetOEMCP
FlushFileBuffers
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetStdHandle
CreateMutexA
VirtualProtect
GetLastError
FreeLibrary
CreateDirectoryA
GetUserDefaultLangID
VirtualAlloc
CloseHandle
GetCurrentProcess
GetModuleHandleA
WideCharToMultiByte
OpenProcess
ReadFile
SetFilePointer
GetVersionExA
SetPriorityClass
GetThreadPriority
GetCurrentThread
GetPriorityClass
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
OpenFileMappingA
GetCurrentProcessId
GetSystemDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
WaitForSingleObject
CreateProcessA
CreateFileA
WriteFile
QueryPerformanceFrequency
QueryPerformanceCounter
WriteProcessMemory
SearchPathA
IsBadWritePtr
GetTickCount
ReleaseMutex
HeapSize
CreateSemaphoreA
ReleaseSemaphore
MultiByteToWideChar
FindClose
FindNextFileA
FindFirstFileA
GetTempPathA
GetWindowsDirectoryA
SystemTimeToFileTime
FileTimeToSystemTime
SetFileTime
GetVolumeInformationA
CreateEventA
DeleteFileA
DeviceIoControl
Sleep
VirtualProtectEx
SetLastError
GetDriveTypeA
QueryDosDeviceA
FormatMessageA
TerminateProcess
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
RaiseException
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo

advapi32

RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
ControlService
QueryServiceConfigA
QueryServiceStatus
OpenSCManagerA
CreateServiceA
OpenServiceA
StartServiceA
DeleteService
CloseServiceHandle
RegEnumValueA
RegDeleteValueA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA

comctl32

ImageList_Add

comdlg32

PrintDlgA

gdi32

SaveDC
SetBkColor
SetStretchBltMode
BitBlt
StretchBlt
CreateBitmap
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
RectVisible
StretchDIBits
DeleteObject
DeleteDC

ole32

OleRun

oleaut32

VariantCopy

shell32

DragFinish

user32

GetDC
wsprintfA
CopyImage
LoadImageA
SetSystemCursor
LoadCursorFromFileA
InvalidateRect
UnregisterClassA
MessageBoxA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

wininet

FtpOpenFileA

winmm

joyGetPos

winspool.drv

OpenPrinterA

wsock32

recv

Sections

CWFR
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FWFR
Size: 877KB - Virtual size: 880KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.asrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hvdpok
Size: 783KB - Virtual size: 784KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.jzuhd
Size: 904KB - Virtual size: 903KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

549330111294e064b0434c4b0f950b7c

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

comdlg32

gdi32

ole32

oleaut32

shell32

user32

version

wininet

winmm

winspool.drv

wsock32

Sections

CWFR Size: - Virtual size: 1.1MB

FWFR Size: 877KB - Virtual size: 880KB

.asrc Size: 33KB - Virtual size: 36KB

.hvdpok Size: 783KB - Virtual size: 784KB

.jzuhd Size: 904KB - Virtual size: 903KB

.idata Size: 4KB - Virtual size: 4KB

CWFR
Size: - Virtual size: 1.1MB

FWFR
Size: 877KB - Virtual size: 880KB

.asrc
Size: 33KB - Virtual size: 36KB

.hvdpok
Size: 783KB - Virtual size: 784KB

.jzuhd
Size: 904KB - Virtual size: 903KB

.idata
Size: 4KB - Virtual size: 4KB