Static task: static1
Behavioral task: behavioral1
Sample: e88158c2ecf24414440d963085e0e926_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: e88158c2ecf24414440d963085e0e926_JaffaCakes118.exe
Resource: win10v2004-20240226-en
General
Target: e88158c2ecf24414440d963085e0e926_JaffaCakes118
Size: 414KB
MD5: e88158c2ecf24414440d963085e0e926
SHA1: 775f7134e5a1d1f35e6b13ddcf6049906957eb9c
SHA256: 745ec41bf05ea8a8140f2d01f65b7a935c6f192738e3f12f21b5cb0b1a44aee9
SHA512: cccbf3d2a4219ed59910e703dd2f9928dbc410086faf9ce5c0a02f6cb8c47bf3775146f3b71284ca2d512aa0218a3852783d6588cab6070a4bf85f8167c01075
SSDEEP: 6144:6H2SXaj2HVi6gay+G+ha2ZpdaV5Dtm815qflxHwXcva34Y6j0F3ItPeZxKWDgX:FSqjYXyfDyUktxQsi34dj0FL5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e88158c2ecf24414440d963085e0e926_JaffaCakes118
Files
e88158c2ecf24414440d963085e0e926_JaffaCakes118.exe windows:4 windows x86 arch:x86
ce303d8ea0bea6d825439956f49f726b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
LookupPrivilegeDisplayNameW
RegOpenKeyExA
LookupPrivilegeValueW
RegDeleteValueW
RegEnumKeyW
CryptDecrypt
CryptGenRandom
RegRestoreKeyA
CryptEnumProviderTypesA
comdlg32
GetSaveFileNameA
kernel32
GetCurrentProcess
GetStringTypeW
CompareStringW
ExitProcess
IsValidCodePage
QueryPerformanceCounter
GetOEMCP
VirtualAlloc
InterlockedExchange
WriteFile
TlsGetValue
TerminateProcess
GetCurrentThread
FreeEnvironmentStringsW
GetCurrentProcessId
TlsSetValue
SetFileTime
IsValidLocale
GetTimeFormatA
GetProcAddress
GetCommandLineW
GetTickCount
RtlUnwind
GetThreadSelectorEntry
GetSystemTimeAsFileTime
HeapAlloc
SetLastError
GetLastError
GetEnvironmentStringsW
EnumResourceTypesW
GetStdHandle
UnhandledExceptionFilter
SetCurrentDirectoryW
EnumDateFormatsA
TlsFree
GetFileAttributesA
FlushFileBuffers
InitializeCriticalSection
GetCommandLineA
HeapCreate
GetCurrentThreadId
TransmitCommChar
GetModuleHandleA
GetStartupInfoA
IsBadWritePtr
SetHandleCount
HeapSize
GetProfileStringA
GetDateFormatA
OutputDebugStringW
GetLocaleInfoW
GetModuleFileNameA
VirtualFree
LCMapStringA
SetThreadIdealProcessor
HeapReAlloc
GetStringTypeA
GetFileType
MultiByteToWideChar
GetEnvironmentStrings
GetSystemInfo
GetVersionExA
GetStartupInfoW
WaitForDebugEvent
GetProfileStringW
GetCPInfo
GetLocaleInfoA
VirtualQuery
HeapDestroy
DeleteCriticalSection
LoadLibraryA
GetTimeZoneInformation
GetUserDefaultLCID
FindFirstFileA
EnumSystemLocalesA
FreeEnvironmentStringsA
GetACP
VirtualProtect
GetModuleFileNameW
EnterCriticalSection
LCMapStringW
TlsAlloc
SetEnvironmentVariableA
LeaveCriticalSection
HeapFree
WideCharToMultiByte
SetUnhandledExceptionFilter
CompareStringA
user32
GetClassNameA
WinHelpW
GetSystemMetrics
ChangeDisplaySettingsExW
GetMessageA
Sections
.text Size: 117KB - Virtual size: 116KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 7KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 278KB - Virtual size: 278KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ