e94a7b3fb6e69c8fbae2cd67943a5ba6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e94a7b3fb6e69c8fbae2cd67943a5ba6_JaffaCakes118
Size

467KB
MD5

e94a7b3fb6e69c8fbae2cd67943a5ba6
SHA1

601b82948f7ab74bf4dac34b158a38bd4b36c72f
SHA256

4a352448d23442f9080d0cef4e38ef7eb7eda14ca692e22e28edba83a419d8cf
SHA512

0674c9d4a20296496815ab78163fa0d8d037e1756b75174908bec8c2dc61786faa1fa095f92d465c454089c7881fb43bf7cb100d8fb3524e00c53fec6469ecbe
SSDEEP

6144:72kdsTiZknELSu1qSmOQimVvsRZtE/cmpAmUWs9niq47YMv+WaWYcXwMzBOHsWxV:Gi6aqdO2VvgZtE/cm9WViqwv3aqgMGF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e94a7b3fb6e69c8fbae2cd67943a5ba6_JaffaCakes118

Files

e94a7b3fb6e69c8fbae2cd67943a5ba6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e16b486729e5771feade73356ee37175

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegFlushKey
CryptAcquireContextA
RegQueryValueW
CryptGetHashParam
CryptGenKey
CryptVerifySignatureW
RegQueryInfoKeyW
RegOpenKeyW
CryptDecrypt
RegNotifyChangeKeyValue
CryptReleaseContext
CryptGetProvParam
RegOpenKeyExA
RegOpenKeyExW
RegQueryMultipleValuesA
RegConnectRegistryA
StartServiceA
RegReplaceKeyW
RegCreateKeyExA
RegCreateKeyExW

comctl32

InitCommonControlsEx

wininet

IsUrlCacheEntryExpiredA
FtpFindFirstFileA
FreeUrlCacheSpaceW
FtpOpenFileW

gdi32

GetEnhMetaFileW
GetTextMetricsA
AngleArc
AddFontResourceA
SetBkColor
Pie
OffsetRgn
SwapBuffers
CreateFontIndirectW
GetViewportExtEx
PolyPolygon
OffsetViewportOrgEx
GetClipRgn
GetObjectA
FillRgn
GetCurrentPositionEx
SetTextColor
SetICMMode

kernel32

GetCurrentThread
InterlockedIncrement
GetStringTypeW
TlsFree
InterlockedExchange
TlsSetValue
RtlUnwind
GetVersion
TerminateProcess
TlsAlloc
CreateMutexA
CompareStringW
GetProcAddress
HeapCreate
InitializeCriticalSection
SetStdHandle
SetLastError
WideCharToMultiByte
GetSystemTime
GetModuleFileNameA
CompareStringA
InterlockedDecrement
ExitProcess
GetCurrentProcess
VirtualQuery
GetStartupInfoA
LCMapStringW
EnterCriticalSection
WriteFile
WaitForMultipleObjects
HeapReAlloc
GetCPInfo
GetStringTypeA
FreeEnvironmentStringsW
GetLocalTime
SetEnvironmentVariableA
MultiByteToWideChar
GetTimeZoneInformation
DeleteCriticalSection
GetEnvironmentStrings
GetFileType
GetModuleHandleA
CloseHandle
HeapDestroy
FlushFileBuffers
HeapFree
SetFilePointer
GetCurrentThreadId
VirtualAlloc
LoadLibraryA
GetEnvironmentStringsW
ReadFile
VirtualFree
LCMapStringA
OpenMutexA
LeaveCriticalSection
GetACP
GetCurrentProcessId
GetOEMCP
TlsGetValue
FreeEnvironmentStringsA
SetHandleCount
GetLastError
GetStdHandle
GetTickCount
HeapAlloc
GetCommandLineA
IsBadWritePtr
QueryPerformanceCounter
GetSystemTimeAsFileTime
UnhandledExceptionFilter

comdlg32

PageSetupDlgA
GetSaveFileNameA
ChooseFontA
PrintDlgA

user32

UnregisterClassA
DlgDirSelectExW
GetWindowRect
CreateDialogIndirectParamW
RegisterClassExA
CopyIcon
DdePostAdvise
GetWindowDC
EnumDisplayDevicesW
CopyAcceleratorTableW
DeferWindowPos
ShowCursor
IsDlgButtonChecked
OpenWindowStationW
SetWindowsHookA
SendInput
MessageBeep
CreateIconFromResourceEx
GetWindowRgn
IsCharUpperW
IsZoomed
SetProcessWindowStation
RegisterClassA
CharPrevA
OpenClipboard

Sections

.text
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e16b486729e5771feade73356ee37175

Headers

File Characteristics

Imports

advapi32

comctl32

wininet

gdi32

kernel32

comdlg32

user32

Sections

.text Size: 305KB - Virtual size: 305KB

.rdata Size: 43KB - Virtual size: 67KB

.data Size: 103KB - Virtual size: 102KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 305KB - Virtual size: 305KB

.rdata
Size: 43KB - Virtual size: 67KB

.data
Size: 103KB - Virtual size: 102KB

.rsrc
Size: 15KB - Virtual size: 14KB