e8f4708971f6ba93e736950c73fafea1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e8f4708971f6ba93e736950c73fafea1_JaffaCakes118
Size

324KB
MD5

e8f4708971f6ba93e736950c73fafea1
SHA1

db5bafa01473e38eaf82afa4a685ec3d6953c797
SHA256

ca864b1f7fe6c842007d4708364d1e37ba73d3c5801deb2cc011a24f9f76f8df
SHA512

c9b817a283b94c2c94461263b103f35e8d68e652866ebfcc8c712bd5bba945577c9df5c214779b7751d4ecff1e877124ba61bb60b0498e00b596abc2ac810614
SSDEEP

6144:/jFzHdz+DvaVyrrjIX3kAExpSO/enY52UQ2+8d+TT13nR5vXIBwx:759z+QgInnUpSoenwXXA9R5fnx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8f4708971f6ba93e736950c73fafea1_JaffaCakes118

Files

e8f4708971f6ba93e736950c73fafea1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

194dc4a63b684b055c4e990fa36c1b90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetAlgIdToStringW
FreeUrlCacheSpaceW
InternetTimeToSystemTime
UnlockUrlCacheEntryFileW
CreateUrlCacheEntryW

advapi32

RegLoadKeyA
CryptEnumProviderTypesW
RegEnumKeyExA
LogonUserW
RegLoadKeyW
DuplicateTokenEx
RegQueryValueW
InitiateSystemShutdownA
RegDeleteValueW
CryptDeriveKey
RegNotifyChangeKeyValue
CryptSignHashA
StartServiceA
RegQueryInfoKeyW
RegSetValueW

comdlg32

FindTextA
GetSaveFileNameW
GetFileTitleW
GetOpenFileNameA
PageSetupDlgW
GetOpenFileNameW
ChooseColorW
PageSetupDlgA
LoadAlterBitmap
ChooseFontA
PrintDlgA
ChooseColorA
ReplaceTextA
GetFileTitleA
FindTextW
PrintDlgW
ChooseFontW
GetSaveFileNameA

user32

DefDlgProcA
RegisterClassExW
DdeQueryConvInfo
GetClientRect
CharToOemW
DdeCreateDataHandle
KillTimer
BringWindowToTop
DdeCreateStringHandleW
GetDlgItemInt
SendDlgItemMessageW
RealChildWindowFromPoint
TileWindows
CreateMDIWindowA

kernel32

FindFirstFileExA
HeapValidate
HeapDestroy
VirtualAlloc
GetCPInfo
InterlockedExchange
InitializeCriticalSection
GetModuleFileNameA
GetCurrentThreadId
VirtualQueryEx
FillConsoleOutputCharacterA
FreeLibrary
GetProcAddress
HeapCreate
LCMapStringW
GetPrivateProfileSectionA
IsValidLocale
SetLastError
GetFileType
IsDebuggerPresent
FreeEnvironmentStringsW
TlsAlloc
HeapAlloc
CreateThread
GetFileAttributesExA
FreeEnvironmentStringsA
GetLocaleInfoW
IsValidCodePage
MultiByteToWideChar
LeaveCriticalSection
GetEnvironmentStrings
GetPrivateProfileIntA
WaitForMultipleObjectsEx
GetProcessHeap
HeapReAlloc
EnumSystemLocalesA
TlsSetValue
GetCurrentThread
WriteProfileSectionA
TlsFree
SetUnhandledExceptionFilter
GetLocaleInfoA
GetComputerNameA
InterlockedIncrement
GetSystemTimeAsFileTime
GetThreadTimes
GetEnvironmentStringsW
HeapFree
GetTickCount
LocalUnlock
CompareFileTime
CreateProcessW
CompareStringA
LCMapStringA
ExitProcess
VirtualFree
GetLastError
HeapSize
WriteFile
GetUserDefaultLCID
QueryPerformanceCounter
GetTimeFormatA
GetOEMCP
GetDriveTypeA
lstrcpyW
GetStdHandle
LoadLibraryA
InterlockedDecrement
GetModuleHandleA
Sleep
RtlUnwind
SetHandleCount
WideCharToMultiByte
TlsGetValue
GetDateFormatA
EnterCriticalSection
GetCurrentProcess
SetConsoleCtrlHandler
GetVersionExA
CompareStringW
LockResource
GetStringTypeA
SetVolumeLabelA
GetStringTypeW
DeleteCriticalSection
UnhandledExceptionFilter
GetPriorityClass
GetStartupInfoA
GetTimeZoneInformation
GetCommandLineA
GetCurrentProcessId
VirtualQuery
SetEnvironmentVariableA
TerminateProcess
DeleteFileW
GetACP

shell32

ExtractAssociatedIconA
FindExecutableA
InternalExtractIconListA
SHGetSpecialFolderPathW
SHInvokePrinterCommandW
SHLoadInProc
FreeIconList
SHEmptyRecycleBinA
ExtractAssociatedIconW
ExtractIconExA
DragQueryPoint
DragQueryFileW
SHGetFileInfo
SHUpdateRecycleBinIcon
SHBrowseForFolderA
ExtractIconA
SHBrowseForFolderW
SheGetDirA
ShellAboutW
DragFinish
SHFormatDrive
DoEnvironmentSubstW

Sections

.text
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

194dc4a63b684b055c4e990fa36c1b90

Headers

File Characteristics

Imports

wininet

advapi32

comdlg32

user32

kernel32

shell32

Sections

.text Size: 195KB - Virtual size: 195KB

.data Size: 117KB - Virtual size: 116KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 195KB - Virtual size: 195KB

.data
Size: 117KB - Virtual size: 116KB

.rsrc
Size: 10KB - Virtual size: 10KB