37cecd1b557a87056a0a6b48df807410_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37cecd1b557a87056a0a6b48df807410_JaffaCakes118
Size

100KB
MD5

37cecd1b557a87056a0a6b48df807410
SHA1

cbf683a2217ff49b9a85632234618d58bcc825b1
SHA256

618e80e33f17d69d5f037e7dd9790f6e2ffbe3591521fd1b4cbabd157110e196
SHA512

178da11903752ead4b0a74f3a136c991ffc3fea87daac39ed621750bdee94ce8751f861b3c6f3800332a5c267415ed239fb5b0ec3f5f8f96091cc2f3f35dcae5
SSDEEP

1536:tGVEpn6mYVMkB5q6j738WT+DOyZHp/RbIqa9FWDjmxA+OBEtid:muYVMk9jr1WZHvbd0A+OStid

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37cecd1b557a87056a0a6b48df807410_JaffaCakes118

Files

37cecd1b557a87056a0a6b48df807410_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05194bda7fe5e31f5fe5af0315cd7173

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
WideCharToMultiByte
HeapFree
GetProcessHeap
HeapAlloc
CloseHandle
WriteFile
CreateFileA
DeleteFileA
lstrcmpA
lstrcatA
CreateProcessA
GetCurrentProcess
GetExitCodeProcess
WaitForSingleObject
GetFileAttributesA
SetFilePointer
ReadFile
CreateDirectoryA
SystemTimeToFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryA
GetLastError
LoadLibraryA
FreeLibrary
GetProcAddress
GetLocaleInfoA
GlobalFree
GetStdHandle
InitializeCriticalSection
lstrcpynA
GetTickCount
GetCommandLineA
GetModuleHandleA
GetModuleFileNameA
GlobalAlloc
GetTempPathA
lstrcpyA
lstrlenA
CreateThread
GetStringTypeW
GetStringTypeA
HeapSize
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ExitProcess
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LocalAlloc
lstrcmpiA
SetFileTime
RtlUnwind
RaiseException
GetVersionExA
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection

user32

DispatchMessageA
wsprintfA
GetMessageA
TranslateMessage

ole32

CoInitializeEx
CoMarshalInterThreadInterfaceInStream
CoCreateInstance
CoUninitialize
CoGetInterfaceAndReleaseStream

oleaut32

VariantClear

ws2_32

inet_addr

dnsapi

DnsQuery_A
DnsRecordListFree

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05194bda7fe5e31f5fe5af0315cd7173

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

ws2_32

dnsapi

Sections

.text Size: 73KB - Virtual size: 72KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 5KB - Virtual size: 71KB

.rsrc Size: 512B - Virtual size: 176B

.text
Size: 73KB - Virtual size: 72KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 5KB - Virtual size: 71KB

.rsrc
Size: 512B - Virtual size: 176B