db25a3bbcb0754b13be2915775af6297_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

db25a3bbcb0754b13be2915775af6297_JaffaCakes118
Size

101KB
MD5

db25a3bbcb0754b13be2915775af6297
SHA1

bb73076d6c5982ca0def36e8dd0cbee68d72907d
SHA256

ef5d742d2fac6becd1404327653d73bc34fd8d6507cc305bf41c3fe1a50f1508
SHA512

b713734b8d6dc021c8f9d6b50f3fdf8bc4af38694031c8d6e20280daa9d78755d93500fa18935f08fc8fcbd93350fc677052fee328de0fa317cbfcf9bd98cf50
SSDEEP

1536:ozkUuU0uM+JxWQu68UqlLAV8JSxrv0Cr0u+HG4H0qWVl0f9Q:ojuTTEEMq9ixr8tu+HG6cfo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db25a3bbcb0754b13be2915775af6297_JaffaCakes118

Files

db25a3bbcb0754b13be2915775af6297_JaffaCakes118
.exe windows:5 windows x86 arch:x86

129f42e2981c8014a93f69244ba28b46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

ICCompress
ICGetInfo
ICClose
ICOpen
ICLocate
ICDecompress
ICSendMessage

kernel32

GetLastError
InterlockedExchange
lstrcmpW
CloseHandle
InterlockedDecrement
GetPrivateProfileStringW
HeapFree
GetTickCount
lstrlenA
PostQueuedCompletionStatus
GetThreadPriority
GetProcessHeap
DeleteCriticalSection
HeapAlloc
GlobalHandle
lstrcpyA
DeleteFileW
GetSystemTimeAsFileTime
CreateSemaphoreW
lstrlenW
SetThreadPriority
VirtualFree
WaitForMultipleObjects
GetCurrentProcessId
OutputDebugStringA
lstrcpyW
GlobalMemoryStatus
GetSystemInfo
SetEvent
GetVersionExW
CreateThread
LeaveCriticalSection
CreateEventW
lstrcmpiW
SetEndOfFile
IsBadWritePtr
GetFileSize
GetFullPathNameW
MulDiv
WaitForSingleObject
GlobalAlloc
GlobalLock
GetCurrentThread
CreateFileW
GetQueuedCompletionStatus
InitializeCriticalSection
QueryPerformanceCounter
LoadLibraryW
GetProfileIntA
CreateIoCompletionPort
IsBadHugeReadPtr
GlobalFree
ReleaseSemaphore
IsBadCodePtr
GetStartupInfoA
FreeLibrary
EnterCriticalSection
GetFileAttributesW
GetModuleFileNameA
ResetEvent
GetSystemDefaultLangID
GetCPInfo
SetUnhandledExceptionFilter
GlobalUnlock
IsBadReadPtr
lstrcpynW
GetDiskFreeSpaceW
GetEnvironmentStringsW
InterlockedIncrement
WriteFile
SetFilePointer
GetCurrentProcess
MultiByteToWideChar
ReadFile
WideCharToMultiByte

user32

IsWindowVisible
GetDlgItemInt
SetWindowLongW
DefWindowProcW
ClientToScreen
GetWindowLongW
GetDesktopWindow
SetDlgItemTextW
DispatchMessageW
SetCursor
GetDlgItem
CreateDialogParamW
LoadStringW
GetClientRect
DestroyWindow
GetDC
GetWindowRect
wsprintfW
SendMessageW
ShowWindow
CheckRadioButton
MoveWindow
IsRectEmpty
PeekMessageW
IsWindow
GetAsyncKeyState
SetDlgItemInt
CheckDlgButton
InvalidateRect
TranslateMessage
ReleaseDC
LoadCursorW
EnableWindow

winmm

waveInClose
waveInReset
mixerOpen
SendDriverMessage
waveInOpen
waveInGetDevCapsW
mixerSetControlDetails
mixerGetControlDetailsW
waveInUnprepareHeader
mixerGetLineInfoW
waveInStop
OpenDriver
waveInAddBuffer
CloseDriver
mixerGetLineControlsW
waveInStart
waveInPrepareHeader
mixerClose
mixerGetID

gdi32

GetObjectW
GetTextExtentPoint32W
SelectObject
GetPaletteEntries
PatBlt
GetStockObject

ole32

CoInitialize
CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CoFreeUnusedLibraries
CoTaskMemFree
StringFromGUID2

msvcrt

wcslen
??2@YAPAXI@Z
_purecall
_ftol
_except_handler3
??3@YAXPAX@Z

advapi32

RegEnumKeyW
RegCreateKeyW
RegSetValueExW
RegOpenKeyW
RegCloseKey
RegSetValueW
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegQueryValueExW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

129f42e2981c8014a93f69244ba28b46

Headers

File Characteristics

Imports

msvfw32

kernel32

user32

winmm

gdi32

ole32

msvcrt

advapi32

version

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 17KB - Virtual size: 114KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 17KB - Virtual size: 114KB

.rsrc
Size: 23KB - Virtual size: 23KB