e86de35b82d80031f448f973ca9373e4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e86de35b82d80031f448f973ca9373e4_JaffaCakes118
Size

587KB
MD5

e86de35b82d80031f448f973ca9373e4
SHA1

7ce989b8b6f42ce058f11b02b12dd12523fdf10b
SHA256

2f10e5b000fb3f60715b4634af68baeb87a9eda29d23557ff3f432dcba87ea8e
SHA512

e2525a435e88ebe22d9eedead23fdea858774c2e84b3cea354b592e8015dc63c1a4659f44d01ea06a9bf8a0cff6868b61602a70979ec6e4e752c4594e8edf588
SSDEEP

12288:3zum35YLEQ8ftX0ho2mmREPzRQDCFJ3FKS4T6:Sm35YLNyX0hoNmR8zkCJ3FKg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e86de35b82d80031f448f973ca9373e4_JaffaCakes118

Files

e86de35b82d80031f448f973ca9373e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6f7ae3405a40a9b7b02489c0485b8d39

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryFile
ShellExecuteA

kernel32

FindResourceExW
GetModuleFileNameA
GetFullPathNameW
ReadFile
GetProcAddress
WaitForMultipleObjectsEx
InitializeCriticalSectionAndSpinCount
CreateRemoteThread
FindClose
CreateMutexA
GetEnvironmentVariableA
RtlFillMemory
GetOEMCP
SetConsoleCursorInfo
OpenMutexW
TlsSetValue
GetCompressedFileSizeW
FindResourceExA
SetLastError
ReleaseSemaphore
GetEnvironmentStrings
CreatePipe
CreateDirectoryA
MultiByteToWideChar
TerminateProcess
SystemTimeToFileTime
WriteConsoleW
FindNextChangeNotification
GetThreadTimes
CreateProcessW
GetSystemDefaultLCID
TlsGetValue
OpenSemaphoreA
FlushFileBuffers
OpenProcess
GetComputerNameA
ExitProcess
LCMapStringW
UnlockFileEx
GetStartupInfoA
HeapReAlloc
CreateFileW
GetSystemInfo
LCMapStringA
GetPrivateProfileSectionA
GetTimeZoneInformation
GetDateFormatA
VirtualAllocEx
LocalAlloc
GetLastError
GetDiskFreeSpaceExA
TransactNamedPipe
LocalFileTimeToFileTime
LeaveCriticalSection
GetStringTypeW
FreeLibraryAndExitThread
GetStdHandle
GetTickCount
DeleteCriticalSection
DosDateTimeToFileTime
GetCurrentDirectoryW
QueryPerformanceCounter
IsValidCodePage
GetModuleHandleA
EnumSystemLocalesA
HeapSize
CreateNamedPipeW
FreeEnvironmentStringsW
MoveFileExA
GetPrivateProfileStringA
IsBadWritePtr
RtlUnwind
GetPriorityClass
GetProcessHeap
VirtualQuery
VirtualProtect
SetStdHandle
GetThreadSelectorEntry
GetSystemTimeAsFileTime
VirtualLock
WideCharToMultiByte
HeapDestroy
WriteConsoleOutputW
FoldStringA
SetHandleCount
GetTimeFormatA
GetStringTypeA
GetFileAttributesExW
GetCurrentProcessId
FreeEnvironmentStringsA
SetFilePointer
TlsFree
GetShortPathNameA
GetPrivateProfileSectionNamesW
TlsAlloc
GetCurrentThread
GetProfileIntA
InterlockedExchange
lstrcmpA
SuspendThread
WriteConsoleA
GetCurrentThreadId
GetEnvironmentStringsW
HeapAlloc
LoadLibraryA
SetEnvironmentVariableA
GetUserDefaultLCID
CompareStringA
UnmapViewOfFile
GetLocaleInfoW
FlushConsoleInputBuffer
CloseHandle
OpenMutexA
CreateProcessA
IsValidLocale
WriteConsoleInputA
lstrcat
GetCommandLineA
HeapFree
GlobalFindAtomW
GetCPInfo
IsBadReadPtr
GetACP
ExitThread
GetFileType
WriteFile
UnhandledExceptionFilter
GetVersionExA
CompareStringW
GetCurrentProcess
HeapCreate
VirtualAlloc
FindAtomA
EnumCalendarInfoW
GetLocaleInfoA
GetSystemTime
VirtualFree
EnterCriticalSection
DeleteFiber
WriteConsoleOutputAttribute
InitializeCriticalSection
GetNamedPipeInfo
IsDebuggerPresent

comctl32

ImageList_Duplicate
InitCommonControlsEx
ImageList_AddMasked
ImageList_SetIconSize
ImageList_LoadImage
CreateStatusWindowA
ImageList_Draw
ImageList_DrawEx
ImageList_ReplaceIcon
CreatePropertySheetPageA
ImageList_GetImageInfo
ImageList_DragEnter
ImageList_BeginDrag
ImageList_DragShowNolock
CreateStatusWindowW
ImageList_SetDragCursorImage
ImageList_Read
ImageList_Copy
ImageList_Replace

user32

DestroyWindow
DdeCreateDataHandle
DlgDirListA
CallMsgFilterW
MessageBoxIndirectA
RegisterClassExA
IsCharAlphaNumericW
SetActiveWindow
wvsprintfW
GetClassLongA
GetWindowLongA
UnloadKeyboardLayout
OpenWindowStationW
WaitForInputIdle
SendNotifyMessageW
GetClipboardFormatNameW
ArrangeIconicWindows
ToAscii
LookupIconIdFromDirectoryEx
CharPrevA
BroadcastSystemMessageW
WindowFromDC
CallMsgFilterA
ExitWindowsEx
wvsprintfA
MessageBoxA
GetTopWindow
RegisterClassA
GetMenuItemInfoA
GetMenuCheckMarkDimensions
DefWindowProcA
GetIconInfo
ToAsciiEx
RegisterClipboardFormatW
CreateWindowExW
DrawFrameControl
DlgDirSelectExW
SetCapture
GrayStringA
GetClassNameA
PostMessageA
ShowWindow
PostThreadMessageW
GetCursorPos
GetGuiResources
NotifyWinEvent
OpenInputDesktop
GetInputState
LoadMenuIndirectA
GetSystemMetrics
LoadAcceleratorsA
DdeDisconnect
SetWinEventHook
DestroyAcceleratorTable
DdeClientTransaction

wininet

FtpRenameFileA
InternetAlgIdToStringW

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f7ae3405a40a9b7b02489c0485b8d39

Headers

File Characteristics

Imports

shell32

kernel32

comctl32

user32

wininet

Sections

.text Size: 156KB - Virtual size: 156KB

.rdata Size: 248KB - Virtual size: 247KB

.data Size: 113KB - Virtual size: 138KB

.rsrc Size: 68KB - Virtual size: 67KB

.text
Size: 156KB - Virtual size: 156KB

.rdata
Size: 248KB - Virtual size: 247KB

.data
Size: 113KB - Virtual size: 138KB

.rsrc
Size: 68KB - Virtual size: 67KB