37c4d64ea2852c7f7983d0ed4f6de97f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37c4d64ea2852c7f7983d0ed4f6de97f_JaffaCakes118
Size

343KB
MD5

37c4d64ea2852c7f7983d0ed4f6de97f
SHA1

87576ffd8fc6072f32059199de1923725e743e54
SHA256

e2dedc001d35f1872223372a08161d136d7ed310186c64c2af241a5c0e580a26
SHA512

cd70edb1f174580bc73e91eed6306f602aaee35883975e0cf47b115f3fb47b7e9edbe2e204c0840c056e73eb37363d9eaecae78fbad966256e2ef41794e36122
SSDEEP

6144:sNsCbD/eKFxN2YAjI7FYk5LjFbO1yhrP8+IGAshm0g6YB6sru:iXDGKFzBnC0gSA76sr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37c4d64ea2852c7f7983d0ed4f6de97f_JaffaCakes118

Files

37c4d64ea2852c7f7983d0ed4f6de97f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e0c030beb8a94aedc93f48854ea9a3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
GetEnvironmentStrings
GetVersion
GetACP
CloseHandle
ReadFile
GetModuleHandleA
TlsFree
RaiseException
InterlockedCompareExchange
HeapSize
GetCurrentProcessId
WritePrivateProfileStringA
SizeofResource
VirtualFree
lstrlenW
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
LCMapStringW
GetLastError
InterlockedIncrement
HeapAlloc
CreateFileA
TlsSetValue
GetFileType
CreateFileW
GetProcAddress
FindNextFileA
CreateFileMappingA
ResetEvent
CompareStringA
lstrcpyA
lstrcmpA
GetProcessHeap
GlobalLock
DeleteFileW
GetWindowsDirectoryA
GetModuleHandleW
GetStartupInfoA
DeleteFileA
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
GetOEMCP
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
LeaveCriticalSection
HeapCreate
SetEndOfFile
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
SetUnhandledExceptionFilter
CreateThread
MultiByteToWideChar
TlsGetValue
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
GetVersionExA
ExitProcess
IsDebuggerPresent
GetModuleFileNameW
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
LocalFree
FreeLibrary
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WaitForSingleObject
WriteFile
InterlockedExchange
GetStringTypeA
WideCharToMultiByte
GetLocaleInfoW
FreeEnvironmentStringsW
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
HeapDestroy
SetEvent
GetFileAttributesA
GetStdHandle
GetCurrentThread
GetEnvironmentVariableA
RtlUnwind
FatalAppExitA
GetCPInfo
IsBadWritePtr
SetConsoleCtrlHandler
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
CompareStringW
CreateProcessW
Sleep
FindResourceA
GetCommandLineA
GetCurrentThreadId
VirtualAlloc

user32

MessageBoxA
MoveWindow
GetDesktopWindow
LoadIconA
LoadCursorA
ScreenToClient
GetDlgItem
CreateWindowExA
EndDialog
SetWindowLongA
PostMessageA
GetSystemMetrics
DefWindowProcA
BeginPaint
SetFocus
EndPaint
FillRect
SetTimer
GetWindowLongA
TranslateMessage
EnableWindow
ShowWindow
UpdateWindow
GetMessageA
DestroyWindow
ReleaseDC
IsWindow
PostQuitMessage
SetForegroundWindow
IsWindowVisible
SendMessageA
GetClientRect
CallWindowProcA
SetCursor
GetSysColor

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e0c030beb8a94aedc93f48854ea9a3c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 79KB - Virtual size: 79KB

.data Size: 261KB - Virtual size: 261KB

.rsrc Size: 1024B - Virtual size: 520B

.text
Size: 79KB - Virtual size: 79KB

.data
Size: 261KB - Virtual size: 261KB

.rsrc
Size: 1024B - Virtual size: 520B