e916efc8b315d97aeb8a33256c8c8b43_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e916efc8b315d97aeb8a33256c8c8b43_JaffaCakes118
Size

403KB
MD5

e916efc8b315d97aeb8a33256c8c8b43
SHA1

bf929275f415b82196c30810149977ae1cbd5023
SHA256

282b7ef55d47336586571877cfa669eb01658e93b9086ca8fc921c0c389ec71b
SHA512

ace3b02cfa629c9398ce78532562fc3a8810dfdf7273534df8d1d185b5e85c5425b6da9a98cc1e1aa985a6324cac1195f39a151e8ff993b659e3db492f2a4def
SSDEEP

6144:LfRfHCEDFYb938I+jdPWxZto4liNDQU/BMnEg9DnCmC3Ny23iDlO:NaWFYRejd4iNMY0Eg9DnC/c23D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e916efc8b315d97aeb8a33256c8c8b43_JaffaCakes118

Files

e916efc8b315d97aeb8a33256c8c8b43_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dff76471d5ff89d0ed33eeded56d69aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
SetFilePointer
GetCommandLineA
GetPrivateProfileStructW
CreateFileA
SetConsoleCtrlHandler
WideCharToMultiByte
HeapDestroy
GetFileType
GetSystemTimeAsFileTime
GetModuleFileNameA
LoadModule
GetStdHandle
GetLocaleInfoW
InitializeCriticalSection
HeapCreate
FreeEnvironmentStringsW
EnumSystemCodePagesW
GetTimeZoneInformation
TerminateProcess
FreeEnvironmentStringsA
EnterCriticalSection
IsDebuggerPresent
GetTimeFormatA
VirtualAlloc
VirtualFree
WriteFile
GetEnvironmentStringsW
HeapSize
GetProcessHeap
GetConsoleCP
LeaveCriticalSection
GetEnvironmentStrings
GetVersionExA
Sleep
CreateProcessW
GetProcAddress
TlsGetValue
GetComputerNameA
TlsSetValue
GetStartupInfoA
GetTickCount
GetTempPathW
FreeLibrary
QueryPerformanceCounter
TlsFree
VirtualQuery
OpenWaitableTimerW
DeleteCriticalSection
GetModuleFileNameW
InterlockedDecrement
SetCurrentDirectoryA
SetLastError
GetLocaleInfoA
CompareStringW
SetEnvironmentVariableA
HeapFree
GetConsoleMode
VirtualLock
LoadLibraryA
FlushFileBuffers
GetLastError
GetCurrentThreadId
SetStdHandle
CreateMutexA
GetModuleHandleA
ReadFile
OpenProcess
TlsAlloc
GetCurrentProcess
GetDateFormatA
WriteConsoleA
CompareStringA
EnumSystemLocalesA
GetCommandLineW
MultiByteToWideChar
CreateWaitableTimerA
SetUnhandledExceptionFilter
IsValidLocale
GetCPInfo
GetStartupInfoW
GetStringTypeA
GetCurrentThread
RtlUnwind
ExitProcess
GetOEMCP
WriteProfileSectionW
GetCurrentProcessId
SetHandleCount
IsValidCodePage
LCMapStringW
CloseHandle
LCMapStringA
GetSystemInfo
SetLocaleInfoA
OpenMutexA
GetStringTypeW
InterlockedIncrement
GetUserDefaultLCID
UnhandledExceptionFilter
GetConsoleOutputCP
InterlockedExchange
HeapAlloc
WriteConsoleW
GetACP

shell32

SheSetCurDrive
DoEnvironmentSubstW
SHGetPathFromIDListA

user32

OemToCharBuffW
RegisterDeviceNotificationA
CreateWindowStationW
DdeReconnect
ShowCaret
CreateCaret
OpenInputDesktop
RegisterClassA
CascadeChildWindows
SetCursor
RegisterClassExA
SetClipboardViewer
SwitchDesktop
GetMenuItemInfoW
GetInputDesktop
EnableWindow
GetNextDlgGroupItem

comctl32

InitCommonControlsEx

wininet

FtpPutFileW
RegisterUrlCacheNotification
FtpRemoveDirectoryW
CreateUrlCacheContainerW
UnlockUrlCacheEntryStream
SetUrlCacheConfigInfoW
ShowSecurityInfo

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dff76471d5ff89d0ed33eeded56d69aa

Headers

File Characteristics

Imports

kernel32

shell32

user32

comctl32

wininet

Sections

.text Size: 172KB - Virtual size: 172KB

.rdata Size: 10KB - Virtual size: 40KB

.data Size: 209KB - Virtual size: 209KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 172KB - Virtual size: 172KB

.rdata
Size: 10KB - Virtual size: 40KB

.data
Size: 209KB - Virtual size: 209KB

.rsrc
Size: 10KB - Virtual size: 10KB