537bfdce7186eb3346114faf1f6f9fa8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

537bfdce7186eb3346114faf1f6f9fa8_JaffaCakes118
Size

496KB
MD5

537bfdce7186eb3346114faf1f6f9fa8
SHA1

01dac38e6df661b665f1a7bd5e40c7ad6029fc6f
SHA256

dd39165971f895992b2e17dbca8c4823e03fb85dc369ed8a3841c5a67fd00940
SHA512

12d427eae244413a734d77bcae070db979c9267fcd1e733ef25f429978480ae0f5cc63cdbc8ea99043f585c615872c817ebc1043bbf51305ef694f8c84df7ee7
SSDEEP

12288:f0cV1uBnuJ96Mw4poaVK2EC+nljbJumLd5:f0cVka96bOoeKK+nhYmLd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
537bfdce7186eb3346114faf1f6f9fa8_JaffaCakes118

Files

537bfdce7186eb3346114faf1f6f9fa8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e996d3bbfc817d21a3124ceed81e29f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateCompatibleDC
BitBlt
CreateSolidBrush
GetStockObject
GetDeviceCaps
SetBkMode
SelectObject

kernel32

SetLastError
GetConsoleMode
GetCommandLineA
QueryPerformanceCounter
ResetEvent
RaiseException
GetCommandLineW
WriteConsoleW
VirtualAlloc
GetStringTypeW
InterlockedCompareExchange
InterlockedExchange
InterlockedIncrement
UnhandledExceptionFilter
IsValidCodePage
GetProcAddress
GlobalUnlock
FindClose
FlushFileBuffers
SetEnvironmentVariableA
EnterCriticalSection
TlsFree
FreeEnvironmentStringsW
GlobalAlloc
DeleteFileW
FindNextFileW
ReadFile
LoadResource
SetUnhandledExceptionFilter
FindResourceA
HeapReAlloc
HeapAlloc
IsDebuggerPresent
GetVersionExA
GetStringTypeA
TerminateProcess
FindResourceW
LoadLibraryA
DeleteCriticalSection
GetEnvironmentStringsW
SetEvent
CreateFileMappingA
HeapFree
TlsGetValue
FindFirstFileW
CloseHandle
GetProcessHeap
ReleaseMutex
GetStdHandle
UnmapViewOfFile
LeaveCriticalSection
LocalFree
LocalAlloc
WriteFile
CreateMutexA
TlsSetValue
InitializeCriticalSection
CompareStringW
LCMapStringW
CreateFileA
CreateEventA
TlsAlloc
GetTickCount
GetThreadLocale
SetErrorMode
MapViewOfFile
lstrlenW
GetFileSize
CreateThread
GetFileType
FindFirstFileA
HeapCreate
HeapSize
VirtualQuery
GetFileAttributesW
SetFileAttributesA
GetTempPathA
SetFilePointer
GetSystemTimeAsFileTime
DeleteFileA
Sleep
GetFileAttributesA
SetStdHandle
GetCurrentProcess
FormatMessageW
WaitForSingleObject
GetModuleFileNameW
GetVersion
GetTimeZoneInformation
GetCurrentProcessId
SetHandleCount
GetACP
FreeLibrary
GetModuleHandleA
MultiByteToWideChar
lstrlenA
GetLocaleInfoA
GetModuleFileNameA
GetCurrentThreadId
LoadLibraryExW
GetConsoleCP
GetLastError
InterlockedDecrement
ExitProcess
GetStartupInfoA
GetEnvironmentStrings
GetEnvironmentVariableA
RtlUnwind
GetOEMCP
LCMapStringA
VirtualFree
HeapDestroy
GetCPInfo
FreeEnvironmentStringsA
SetEndOfFile
WideCharToMultiByte

ole32

CoUninitialize
CoTaskMemFree

advapi32

RegCloseKey
OpenProcessToken
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

user32

GetClientRect
BeginPaint
GetSystemMetrics
IsWindowEnabled
SetTimer
DispatchMessageA
EnableMenuItem
GetWindowRect
InvalidateRect
SetWindowTextA
GetWindowLongA
IsIconic
TrackPopupMenu
IsWindow
LoadIconA
PeekMessageA
SetWindowPos
SetForegroundWindow
GetSysColor
SetCursor
LoadCursorA
CallWindowProcA
GetDlgItem

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 420KB - Virtual size: 419KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e996d3bbfc817d21a3124ceed81e29f0

Headers

File Characteristics

Imports

gdi32

kernel32

ole32

advapi32

user32

Sections

.text Size: 68KB - Virtual size: 66KB

.data Size: 420KB - Virtual size: 419KB

.rsrc Size: 4KB - Virtual size: 296B

.text
Size: 68KB - Virtual size: 66KB

.data
Size: 420KB - Virtual size: 419KB

.rsrc
Size: 4KB - Virtual size: 296B