40a3772e81309cbd3e0102a1fe1cb5ba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40a3772e81309cbd3e0102a1fe1cb5ba_JaffaCakes118
Size

124KB
MD5

40a3772e81309cbd3e0102a1fe1cb5ba
SHA1

c3ebc618d965d221c42f1b0690a91a6460f240a6
SHA256

768fc86104f7f446abcbf18bd314a060b8ac2d02e0212930b7c3b4d8aa33fc72
SHA512

1ef945da984fb4f08346bfc260d4049bca37161577db3079327fc53f7472cca25115f375dcec146b9eeacf7443738c6a0391923491a5329c83b5c96bc9ed70c3
SSDEEP

3072:oePDrhBbc11KhPRIHYlBR72VmBl/iC/ENEOz8AavZaV3a4jfSX:oe/bKEJ1N79

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40a3772e81309cbd3e0102a1fe1cb5ba_JaffaCakes118

Files

40a3772e81309cbd3e0102a1fe1cb5ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b38982649e8faccdf4f2c872f19135d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
lstrcmpA
LoadLibraryA
GetShortPathNameA
GetModuleFileNameA
GetProcAddress
FreeLibrary
lstrcatA
lstrcpynA
GetSystemDefaultLangID
WinExec
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
WriteFile
RtlUnwind
GetLastError
TlsGetValue
SetLastError
InterlockedIncrement
TlsAlloc
TlsSetValue
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
HeapCreate
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapReAlloc
HeapAlloc
HeapFree
FindResourceA
LoadResource
LockResource
lstrlenW
GlobalHandle
GlobalFree
FreeResource
GlobalAlloc
GlobalLock
GlobalUnlock
MultiByteToWideChar
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
lstrcmpiA
GetCurrentProcess
FlushInstructionCache
lstrlenA
lstrcpyA
LCMapStringW

user32

InvalidateRgn
wsprintfA
CreateAcceleratorTableA
GetDesktopWindow
RedrawWindow
SetWindowPos
IsChild
GetSysColor
CreateDialogIndirectParamA
SetWindowTextA
GetWindow
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
DestroyWindow
IsWindowEnabled
ShowWindow
PeekMessageA
GetMessageA
TranslateMessage
EnableWindow
IsDlgButtonChecked
DefWindowProcA
SetRectEmpty
SendMessageA
GetDlgItem
DestroyCursor
SetWindowLongA
ScreenToClient
GetCursorPos
ReleaseCapture
GetCapture
SetCapture
SetFocus
SetCursor
CheckDlgButton
PostMessageA
PostQuitMessage
GetWindowRect
SystemParametersInfoA
MapWindowPoints
GetSystemMetrics
LoadImageA
FindWindowExA
LoadStringA
FindWindowA
DispatchMessageA
IsWindowVisible
IsIconic
BringWindowToTop
SetForegroundWindow
CallWindowProcA
GetFocus
DrawFocusRect
CreateWindowExA
ReleaseDC
GetDC
GetClassNameA
GetWindowLongA
CreateCursor
GetWindowTextLengthA
GetWindowTextA
DrawTextA
OffsetRect
CharNextA
EndPaint
IsWindow
GetParent
GetClientRect
FillRect
BeginPaint
InvalidateRect
PtInRect
IsDialogMessageA

gdi32

CreateSolidBrush
CreateCompatibleBitmap
GetStockObject
CreateCompatibleDC
BitBlt
SetBkMode
SetTextColor
DeleteDC
GetObjectA
CreateFontIndirectA
GetDeviceCaps
DeleteObject
SelectObject

advapi32

RegSetValueExA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

ole32

OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitialize
CoUninitialize

oleaut32

SysAllocStringLen
SysFreeString
SysAllocString
OleCreateFontIndirect
VariantClear
LoadRegTypeLi
SysStringLen

shlwapi

PathRemoveFileSpecA
PathAppendA

comctl32

InitCommonControlsEx

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b38982649e8faccdf4f2c872f19135d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 24KB - Virtual size: 20KB