37a171cebc8091c896b9378f8019463e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37a171cebc8091c896b9378f8019463e_JaffaCakes118
Size

1.4MB
MD5

37a171cebc8091c896b9378f8019463e
SHA1

40aa38a6e4184d95834d45f62af0108e6bcca064
SHA256

1abacc3315f65bed42aded83ead12a1ab26fe230d9d05d843c838e94403e81ef
SHA512

b76c2c575366ac4d8e9cced8369782776a8442b363885578f183627ca2cda931e9673d72ba673a4c400dd7ce1e73935cf651f6adadf5bb4fe6c5c496e673f144
SSDEEP

24576:v0ijNEbvdRiqYtkwWLUnYeeeG5dZ5v8L1NcFLKWZwVpEef:v0iJEbnrzUnYdeoJve1N8ZW7f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37a171cebc8091c896b9378f8019463e_JaffaCakes118

Files

37a171cebc8091c896b9378f8019463e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

68c8e99cde48be674451137d5d67efb3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SafeArrayGetElement
OleLoadPicture
VariantChangeType
SafeArrayCreate
GetErrorInfo
SafeArrayUnaccessData
SysAllocStringLen
RegisterTypeLib

user32

DrawFrameControl
DrawEdge
HideCaret

kernel32

SetThreadLocale
GetModuleHandleA
GetFullPathNameA
GetOEMCP
FindFirstFileA
FindClose
GetLastError
GetCurrentProcessId
GetThreadLocale
LockResource
SetEndOfFile
GetCurrentThreadId
LoadLibraryA
GlobalFindAtomA
lstrlenA
RtlMoveMemory
GetEnvironmentStrings
InitializeCriticalSection
SetErrorMode
DeleteFileA
EnumCalendarInfoA
GlobalAlloc
SetHandleCount
GetVersionExA
GetCurrentProcess
GetACP
LoadLibraryExA
VirtualFree
LocalAlloc
MoveFileA
GetCommandLineA
VirtualAlloc
GetProcessHeap
FormatMessageA

Sections

CODE
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 520KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

text
Size: 217KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 519KB - Virtual size: 520KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 512B - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68c8e99cde48be674451137d5d67efb3

Headers

File Characteristics

Imports

oleaut32

user32

kernel32

Sections

CODE Size: 51KB - Virtual size: 52KB

.data Size: 520KB - Virtual size: 524KB

text Size: 217KB - Virtual size: 220KB

.tls Size: 519KB - Virtual size: 520KB

.bss Size: 1024B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

BSS Size: 512B - Virtual size: 1.9MB

INIT Size: 1KB - Virtual size: 4KB

.rsrc Size: 82KB - Virtual size: 84KB

CODE
Size: 51KB - Virtual size: 52KB

.data
Size: 520KB - Virtual size: 524KB

text
Size: 217KB - Virtual size: 220KB

.tls
Size: 519KB - Virtual size: 520KB

.bss
Size: 1024B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

BSS
Size: 512B - Virtual size: 1.9MB

INIT
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 82KB - Virtual size: 84KB