e83a06d65d8f057775942bec34da6559_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e83a06d65d8f057775942bec34da6559_JaffaCakes118
Size

446KB
MD5

e83a06d65d8f057775942bec34da6559
SHA1

d38bca3a32f8b0e687a22a8a5c61159e27e4b14a
SHA256

b05cb3f61a6033baa114b88b9ecba715de2086971664a909bf080dea0b05613c
SHA512

882ee3df7ddfe2b426102ceb8089cf21444f45fee9e4d52a6c5436853a6518f93564ae24948372d755c980294f9ffcf9e8b4a391846820bcfade8204486cfd8a
SSDEEP

6144:/XnVu889RlZhjDncf4LZnwLVUQK+xiO9hi/ZmNPQCPRpvb3vrCOvuQ8AOtTeFHWF:/MZcwLZnkNKpOK/MNF5pzfNOuUPdYT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e83a06d65d8f057775942bec34da6559_JaffaCakes118

Files

e83a06d65d8f057775942bec34da6559_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1abaa029c75a0b76e36310ea61529809

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptGetHashParam
LookupPrivilegeNameA
RegSaveKeyA
CryptGenRandom
CryptExportKey
CryptImportKey
RegSetValueExA
LookupAccountNameA
CryptEnumProviderTypesW
RegCreateKeyExW
RegNotifyChangeKeyValue
RegSetValueW
RegQueryValueW
CryptGetDefaultProviderW

comdlg32

GetSaveFileNameW
ReplaceTextA
PageSetupDlgW
FindTextW

kernel32

GetDateFormatA
SetEnvironmentVariableA
GetUserDefaultLCID
HeapAlloc
TlsAlloc
GetPrivateProfileSectionNamesA
IsValidCodePage
VirtualFree
HeapDestroy
GetCurrentProcessId
EnumSystemLocalesA
GetFileAttributesA
LeaveCriticalSection
GetACP
LCMapStringA
GetTimeFormatA
GetOEMCP
TlsSetValue
TlsFree
SetLastError
VirtualQuery
VirtualProtect
GetStartupInfoA
TerminateProcess
GetCurrentProcess
HeapFree
WriteFile
GetProcAddress
GetStringTypeW
QueryPerformanceCounter
MultiByteToWideChar
LCMapStringW
GetLastError
GetLocaleInfoA
GetCurrentThreadId
UnhandledExceptionFilter
GetCurrentThread
IsBadWritePtr
GetStdHandle
GetModuleHandleA
InitializeCriticalSection
GetSystemTimeAsFileTime
RtlUnwind
InterlockedExchange
HeapReAlloc
IsValidLocale
GetCPInfo
GetStringTypeA
VirtualAlloc
GetEnvironmentStringsW
HeapSize
EnterCriticalSection
GetCommandLineA
DeleteCriticalSection
GetModuleFileNameA
LoadLibraryA
GetVersionExA
CompareStringW
GetTickCount
WideCharToMultiByte
GetFileType
HeapCreate
SetHandleCount
FreeEnvironmentStringsW
TlsGetValue
GetTimeZoneInformation
GetEnvironmentStrings
GetLocaleInfoW
GetSystemInfo
ExitProcess
CompareStringA
FreeEnvironmentStringsA

wininet

DeleteUrlCacheContainerA

user32

CheckMenuItem
LoadMenuW
IsCharUpperW
SetCursorPos
EnumChildWindows
DlgDirListComboBoxA
OpenWindowStationW
NotifyWinEvent
SetWindowsHookExW
ReleaseDC
LoadStringA
DdeGetData
EnumThreadWindows
GetTabbedTextExtentW
MoveWindow
ModifyMenuA
MonitorFromPoint
SetProcessWindowStation
UnregisterClassW
DragObject
DlgDirSelectExW
ChildWindowFromPointEx
PostQuitMessage
DestroyCaret

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1abaa029c75a0b76e36310ea61529809

Headers

File Characteristics

Imports

advapi32

comdlg32

kernel32

wininet

user32

Sections

.text Size: 145KB - Virtual size: 145KB

.rdata Size: 7KB - Virtual size: 23KB

.data Size: 279KB - Virtual size: 278KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 145KB - Virtual size: 145KB

.rdata
Size: 7KB - Virtual size: 23KB

.data
Size: 279KB - Virtual size: 278KB

.rsrc
Size: 13KB - Virtual size: 13KB