e918bb4079921bb9d37612fbd5c8f2d0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e918bb4079921bb9d37612fbd5c8f2d0_JaffaCakes118
Size

416KB
MD5

e918bb4079921bb9d37612fbd5c8f2d0
SHA1

0802762ebbc5cb649d3ccb963ccae3e181ea9999
SHA256

8936803d9f50f5d67c2d24ac004715168dc20b5c9e6d4b5b0192bf52fd491aa0
SHA512

76e461c009ca6814f3bd60c28b3bfe584da1f899f11ad3a30bdae9cde1cb0686fec19d715f3a12a026189bdf6da9f89e80ddf94dba42b3214ed5eb12796dbacb
SSDEEP

6144:InP+C+ogxmqkZfqToFw+tKenPi/mtAOap2pW2aHBTZJ2sNZahTdk22zb:IPcHmqkNTYePi/WapmW1jJ2sNiGrb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e918bb4079921bb9d37612fbd5c8f2d0_JaffaCakes118

Files

e918bb4079921bb9d37612fbd5c8f2d0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a376ff3c07e6a490010da93dd04deb8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
InterlockedExchange
IsBadWritePtr
GetModuleFileNameW
GetProcAddress
HeapDestroy
FormatMessageA
TlsSetValue
GetFileType
InitializeCriticalSection
GetLastError
GetTickCount
SetLastError
VirtualQuery
GlobalAddAtomA
QueryPerformanceCounter
GetConsoleOutputCP
UnhandledExceptionFilter
ReleaseSemaphore
TlsAlloc
GetModuleFileNameA
FreeEnvironmentStringsA
GetShortPathNameW
GetCPInfo
LoadLibraryA
GetACP
GetCurrentProcessId
FreeEnvironmentStringsW
ExitProcess
GetModuleHandleA
GetStartupInfoA
SetThreadPriority
GetCurrentThreadId
MultiByteToWideChar
VirtualFree
WriteFile
HeapAlloc
FoldStringA
RtlUnwind
GetOEMCP
ReadFile
GetStringTypeW
VirtualAlloc
GetCommandLineA
ReadConsoleOutputAttribute
HeapFree
LCMapStringA
SetConsoleTitleA
GetTimeZoneInformation
TerminateProcess
WideCharToMultiByte
GetConsoleScreenBufferInfo
GetPrivateProfileIntW
GetVersion
TlsFree
GetStdHandle
SetHandleCount
DeleteCriticalSection
GetCurrentThread
GetCalendarInfoW
GetEnvironmentStringsW
TlsGetValue
LCMapStringW
FillConsoleOutputAttribute
EnumSystemLocalesW
GetConsoleTitleW
GetEnvironmentStrings
HeapReAlloc
OpenWaitableTimerW
GetCurrentProcess
GetStringTypeA
LeaveCriticalSection
GetSystemTimeAsFileTime
HeapCreate

advapi32

RegQueryMultipleValuesW
RegCreateKeyExW
CryptSetProviderW
CryptDuplicateHash
RevertToSelf
LookupPrivilegeNameA
CryptDecrypt
CryptSetProvParam
RegReplaceKeyA
CryptGetHashParam
RegCreateKeyA
RegEnumKeyW
CryptEnumProvidersW
RegNotifyChangeKeyValue
StartServiceW
RegQueryValueW
CryptSetKeyParam
InitializeSecurityDescriptor
RegReplaceKeyW
RegSetValueExA
RegEnumKeyA
RegDeleteValueW
LookupSecurityDescriptorPartsW

user32

EndDeferWindowPos
GetKeyboardLayoutNameW
PostThreadMessageW
SendDlgItemMessageW
GetDlgItemTextW
IsWindow
SetCursorPos
ChangeMenuA
EnumDisplaySettingsExW
CreateWindowStationW
GetKeyState
UnhookWinEvent
SetForegroundWindow
SetWindowPos
OpenIcon
SetScrollInfo
BeginDeferWindowPos
ModifyMenuW
OpenWindowStationA
OpenInputDesktop
FindWindowExA
GetForegroundWindow

comdlg32

PrintDlgA
GetOpenFileNameW
ChooseFontA

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a376ff3c07e6a490010da93dd04deb8

Headers

File Characteristics

Imports

kernel32

advapi32

user32

comdlg32

Sections

.text Size: 121KB - Virtual size: 121KB

.rdata Size: 4KB - Virtual size: 17KB

.data Size: 281KB - Virtual size: 281KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 121KB - Virtual size: 121KB

.rdata
Size: 4KB - Virtual size: 17KB

.data
Size: 281KB - Virtual size: 281KB

.rsrc
Size: 7KB - Virtual size: 7KB