37984bda80af8f20b4554db19ce4c070_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

37984bda80af8f20b4554db19ce4c070_JaffaCakes118
Size

841KB
MD5

37984bda80af8f20b4554db19ce4c070
SHA1

12b164ea23663d18a62d149c8d63a683fdaaf422
SHA256

f588368dcd097521f1541c85afaab6ee54b7d0cc78dbddd8a97dcedab82d7b2f
SHA512

99824537858e1fb7ae130bd3f706acf63ef930cf807d90e5ba1f345efcf7c7057bb2edca575e9ef6774e67ac0e16b69e4672f22696f4192382750a6696fd9e90
SSDEEP

6144:GnIAoVA7vB2E2XJctXpEkalUcSeAsDykOXnOqzeKvwiRx8CtQJcsS0slMfOo5IOd:VW2E2Xe5EkaeeAskKK9EkXhXMfOU1y2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37984bda80af8f20b4554db19ce4c070_JaffaCakes118

Files

37984bda80af8f20b4554db19ce4c070_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bfabc242be2f99886f51d751793f2bdf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileAttributesA
GetFileSize
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
FreeEnvironmentStringsW
InterlockedIncrement
IsDBCSLeadByte
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
MultiByteToWideChar
ReadFile
RtlUnwind
SetEvent
SetHandleCount
SizeofResource
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
lstrlenW
FreeEnvironmentStringsA
FindResourceA
ExitProcess
EnterCriticalSection
DeleteCriticalSection
CreateThread
CreateFileA
CreateEventA
InterlockedDecrement
CloseHandle

user32

LoadIconA
GetSysColor
wsprintfA
TranslateMessage
SetForegroundWindow
PostThreadMessageA
IsWindow
GetMessageA
DispatchMessageA
CharNextA

advapi32

RegCloseKey
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA

ole32

CoCreateInstance
CoInitialize
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
StringFromGUID2

Sections

.text
Size: 807KB - Virtual size: 807KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bfabc242be2f99886f51d751793f2bdf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 807KB - Virtual size: 807KB

.data Size: 512B - Virtual size: 536B

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 807KB - Virtual size: 807KB

.data
Size: 512B - Virtual size: 536B

.rsrc
Size: 32KB - Virtual size: 31KB