e9356379517f81ad0826341c53965654_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e9356379517f81ad0826341c53965654_JaffaCakes118
Size

481KB
MD5

e9356379517f81ad0826341c53965654
SHA1

b97585c38ed165375f277100095bf85d366f5410
SHA256

d39141be13eb90f98519f573f2707b17eb70f369e29cb3423d6cab17a16255c3
SHA512

26e1cf3e9a1dd0958dddc198ea3f03777af6e216105969470c3fd16bbb06e3bb1cce026b5900670d623ecf5346542a3741cbdf3741ef5aebdfabe5fe12b0e261
SSDEEP

12288:wpMiq7xyq3KhTL4aIiYBc7mcOeyjbxUTxT9zgol:eMi+HKhQabacBOFkxxkK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9356379517f81ad0826341c53965654_JaffaCakes118

Files

e9356379517f81ad0826341c53965654_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab0c38ee5c0fb37f190e22cc92dfd6c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\htkusexj\

Imports

advapi32

CryptGetUserKey
LookupPrivilegeNameA
CreateServiceA
LookupAccountNameW
AbortSystemShutdownA
CryptEnumProviderTypesW
AbortSystemShutdownW
LookupPrivilegeValueA
RegOpenKeyW
CryptDuplicateKey
CryptReleaseContext
RegDeleteValueA
RegQueryValueA
RegSetValueA
RegCreateKeyW
RegCreateKeyExW
CryptDeriveKey
RegDeleteKeyW
ReportEventA
RegConnectRegistryA
CryptSetProviderExA
RegOpenKeyA
InitiateSystemShutdownA
RegSetValueExW

comdlg32

FindTextA
PageSetupDlgW

kernel32

GetCurrentProcess
GetConsoleCP
VirtualFree
WriteFile
CloseHandle
GetCurrentThread
RtlUnwind
GetEnvironmentStrings
TerminateProcess
WriteConsoleA
GetEnvironmentStringsW
InterlockedIncrement
IsDebuggerPresent
SetHandleCount
GetCPInfo
SetEnvironmentVariableA
LeaveCriticalSection
HeapFree
GetStdHandle
InterlockedDecrement
Sleep
CompareStringW
SetConsoleCtrlHandler
LCMapStringA
GetDateFormatA
TlsGetValue
GetCurrentProcessId
MultiByteToWideChar
EnumSystemLocalesA
VirtualAlloc
GetTimeFormatA
SetFilePointer
FreeEnvironmentStringsW
FreeLibrary
ReadFile
GetLocaleInfoA
InterlockedCompareExchange
IsValidCodePage
SetLastError
GetModuleHandleW
FreeEnvironmentStringsA
LoadLibraryA
TlsAlloc
WriteConsoleW
UnhandledExceptionFilter
HeapSize
GetUserDefaultLCID
GetProcAddress
HeapReAlloc
CreateMutexA
GetConsoleOutputCP
SetStdHandle
QueryPerformanceCounter
GetStringTypeA
EnterCriticalSection
GetOEMCP
LCMapStringW
CompareStringA
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
CreateFileA
TlsSetValue
DeleteCriticalSection
GetStartupInfoA
GetStringTypeW
GetConsoleMode
ExitProcess
HeapAlloc
HeapDestroy
GetACP
GetTickCount
GetLocaleInfoW
HeapCreate
IsValidLocale
GetCurrentThreadId
VirtualQuery
GetFileType
FlushFileBuffers
OpenMutexA
WideCharToMultiByte
TlsFree
GetLastError
GetSystemTimeAsFileTime
GetSystemTime
GetModuleFileNameA
SetUnhandledExceptionFilter
GetCommandLineA
InterlockedExchange
GetTimeZoneInformation

shell32

SheGetDirA
ExtractAssociatedIconExA
SHFileOperationW
DoEnvironmentSubstA
SHFileOperationA

comctl32

InitCommonControlsEx

user32

RegisterClassExA
LoadKeyboardLayoutA
CreateIconFromResource
ChangeMenuW
GetClassNameW
LoadCursorW
DialogBoxIndirectParamW
VkKeyScanExA
RegisterClassA
PostQuitMessage

wininet

InternetGetLastResponseInfoA
FtpCreateDirectoryW

Sections

.text
Size: 326KB - Virtual size: 326KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab0c38ee5c0fb37f190e22cc92dfd6c7

Headers

File Characteristics

PDB Paths

Imports

advapi32

comdlg32

kernel32

shell32

comctl32

user32

wininet

Sections

.text Size: 326KB - Virtual size: 326KB

.rdata Size: 42KB - Virtual size: 61KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 326KB - Virtual size: 326KB

.rdata
Size: 42KB - Virtual size: 61KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 7KB - Virtual size: 7KB