e78a6d89e5c6483ff30dafa885f6dbc2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e78a6d89e5c6483ff30dafa885f6dbc2_JaffaCakes118
Size

465KB
MD5

e78a6d89e5c6483ff30dafa885f6dbc2
SHA1

40141890602733b6880e4672ee13aacd66df7118
SHA256

cf283b601099573320dfab62eb4e713933d0fe27ce6e460d7bf6a9f58882ef75
SHA512

a2d67e2194af12fe88c080c73aafe465f5e0c66da1cf5a404ba1ce7a1e5db4e4eb7039a6742d60e4c64c3bb9da3a49c9fb997bc81a88d04725552604a6d602ce
SSDEEP

12288:5RUYJCqKWZ60hXoyjp8xeFBPZ98uB+OXaI7Xq1Wc7:vHUqKuPh4y1fjTB+OKam

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e78a6d89e5c6483ff30dafa885f6dbc2_JaffaCakes118

Files

e78a6d89e5c6483ff30dafa885f6dbc2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

00d37e89b7167db01eebfcd6d64fa3bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetWindowOrgEx
TextOutW
SetDIBits
PlayMetaFile
GetEnhMetaFileA
OffsetClipRgn
SetTextColor
GetObjectType
DeleteEnhMetaFile
CreateColorSpaceW
SetColorSpace
GetObjectW

advapi32

CryptReleaseContext
LookupPrivilegeValueA
RegQueryValueA
RegDeleteValueW
LogonUserA
CryptSetKeyParam
RegDeleteValueA
LookupPrivilegeValueW
GetUserNameW
CreateServiceW
RegRestoreKeyA
RegOpenKeyExA
RegDeleteKeyA
RevertToSelf
CryptHashSessionKey
RegOpenKeyW
CryptGetProvParam
CryptVerifySignatureW
RegFlushKey
RegQueryMultipleValuesA
StartServiceA
LookupSecurityDescriptorPartsW
RegEnumValueW
RegQueryValueW

shell32

DoEnvironmentSubstA
SHGetSpecialFolderLocation
InternalExtractIconListW
ExtractAssociatedIconExA
DragQueryFileAorW
DragQueryPoint
SHFormatDrive
SHGetSpecialFolderPathA
DragFinish
ExtractIconA
RealShellExecuteExW
SHGetDataFromIDListW
ExtractIconW
SheSetCurDrive
SHInvokePrinterCommandW
CheckEscapesW

user32

DdeGetData
SetPropW
FrameRect
InflateRect
CountClipboardFormats
DrawFocusRect
ScreenToClient
GetWindowLongW
DrawAnimatedRects
GetMessagePos

kernel32

FreeEnvironmentStringsW
IsValidLocale
GetStringTypeW
WideCharToMultiByte
WriteFile
GetCurrentThreadId
GetLastError
GetStringTypeA
TlsSetValue
DebugBreak
CompareStringA
InterlockedIncrement
GetACP
GetCurrentProcess
GetEnvironmentStringsW
HeapFree
SetConsoleCtrlHandler
VirtualProtect
GetTickCount
ExitProcess
SetHandleCount
GetStdHandle
GetCommandLineW
VirtualAlloc
GetModuleFileNameA
LCMapStringW
CompareStringW
LCMapStringA
VirtualQuery
GetTimeFormatA
GetCPInfo
FreeEnvironmentStringsA
GetCurrentProcessId
HeapReAlloc
MultiByteToWideChar
TlsFree
TlsAlloc
CloseHandle
GetTimeZoneInformation
EnumSystemLocalesA
InterlockedDecrement
SetEnvironmentVariableA
SetStdHandle
GetCommandLineA
HeapValidate
InterlockedExchange
GetCurrentThread
GetOEMCP
DeleteCriticalSection
LeaveCriticalSection
GetStartupInfoA
FlushFileBuffers
GetLocaleInfoA
InitializeCriticalSection
VirtualFree
RtlUnwind
QueryPerformanceCounter
UnhandledExceptionFilter
HeapDestroy
GetLocaleInfoW
GetVersionExA
GetCurrentDirectoryW
GetEnvironmentStrings
HeapCreate
GetProcAddress
SetLastError
IsBadReadPtr
OutputDebugStringA
GetStartupInfoW
IsValidCodePage
TlsGetValue
HeapAlloc
GetSystemInfo
EnterCriticalSection
GetModuleFileNameW
LoadLibraryA
GetDateFormatA
GetFileType
GetModuleHandleA
GetUserDefaultLCID
TerminateProcess
GetSystemTimeAsFileTime
SetFilePointer
LocalUnlock
IsBadWritePtr

Sections

.text
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00d37e89b7167db01eebfcd6d64fa3bb

Headers

File Characteristics

Imports

gdi32

advapi32

shell32

user32

kernel32

Sections

.text Size: 175KB - Virtual size: 175KB

.data Size: 279KB - Virtual size: 279KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 175KB - Virtual size: 175KB

.data
Size: 279KB - Virtual size: 279KB

.rsrc
Size: 9KB - Virtual size: 8KB