ea6a9c52d3ff52d9033aeecffbf0d112_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ea6a9c52d3ff52d9033aeecffbf0d112_JaffaCakes118
Size

448KB
MD5

ea6a9c52d3ff52d9033aeecffbf0d112
SHA1

ccb5c4fd3efa5a86b9f8ccab25caec3aac4ca269
SHA256

f6ba6e7af20dd450a9b38bf9dbf96e7415d6123d495cf067c19a77d144b172a0
SHA512

5d1b3745f0932b58ce4f7abbdb3a68ece018ba55247ed5cd153f2ff005c7714de82699feb85f49cec1b90fd5881d4f2d0fa7689e122df899c00717a45f8a2abd
SSDEEP

12288:2xk9oJtmjuX9XINH+JU+RId2oylMXls6hfCSVrqo0Qz4erqGTuM2h:OVtmc9YGhSaFOrtLru3h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea6a9c52d3ff52d9033aeecffbf0d112_JaffaCakes118

Files

ea6a9c52d3ff52d9033aeecffbf0d112_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3745b54672e8facc51a302e60a7a05e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetDIBitsToDevice
GetObjectA
CreateFontA
PolyDraw
GetMiterLimit
GetTextCharsetInfo
GetFontData
ExtTextOutA
EnumICMProfilesA
GdiPlayJournal
OffsetWindowOrgEx
SetRectRgn
GetRandomRgn
SetICMProfileA
EnumFontFamiliesW
CreateDCA
CreateICW
SetGraphicsMode
SelectClipRgn
SetPixelFormat
SetBitmapBits

advapi32

CryptGetKeyParam
CryptGenRandom
DuplicateTokenEx
RegConnectRegistryA
LookupAccountSidW
RegCreateKeyW
RegQueryInfoKeyA
RegSetKeySecurity
CryptExportKey
RegOpenKeyA
RegOpenKeyExW
CryptDestroyHash
CryptSetProviderW
RegQueryValueW
RegEnumValueW
CryptImportKey
RegDeleteValueW
RegEnumKeyExA
RegQueryValueExW
RegQueryInfoKeyW
LookupSecurityDescriptorPartsA
RegLoadKeyA
LookupAccountSidA
RegDeleteValueA
CryptSetProviderExW

kernel32

InterlockedDecrement
WriteFile
GetCommandLineA
WideCharToMultiByte
FreeEnvironmentStringsA
TlsAlloc
HeapSize
GetSystemTimeAsFileTime
GetCurrentThreadId
RtlUnwind
VirtualFree
GetLastError
InterlockedIncrement
GetCurrentProcessId
HeapReAlloc
GetModuleFileNameA
GetStringTypeA
TlsGetValue
DebugBreak
GetModuleHandleA
GetCurrentProcess
GetTickCount
Sleep
TlsFree
GetLocaleInfoW
DeleteCriticalSection
GetStartupInfoA
HeapFree
HeapDestroy
GetThreadContext
GetProcessHeap
FreeLibrary
GetEnvironmentStrings
InitializeCriticalSectionAndSpinCount
HeapCreate
GetOEMCP
GetCPInfo
CompareStringW
CompareStringA
GetACP
VirtualAlloc
TlsSetValue
FreeEnvironmentStringsW
VirtualQuery
GetFileType
GetTimeZoneInformation
HeapAlloc
GetCurrentThread
SetUnhandledExceptionFilter
SetEnvironmentVariableA
IsValidLocale
LCMapStringW
GetUserDefaultLCID
IsValidCodePage
GetEnvironmentVariableW
SetConsoleCtrlHandler
GlobalFree
GetTimeFormatA
EnumSystemLocalesA
GetEnvironmentStringsW
EnterCriticalSection
GetModuleHandleW
IsDebuggerPresent
TerminateProcess
GetLocaleInfoA
UnhandledExceptionFilter
GetDateFormatA
LCMapStringA
GetStringTypeW
SetLastError
MultiByteToWideChar
GetProcAddress
LoadLibraryA
InterlockedExchange
GetStdHandle
ExitProcess
SetHandleCount
LeaveCriticalSection
QueryPerformanceCounter

user32

CreateAcceleratorTableA
FillRect
EnumClipboardFormats

wininet

RetrieveUrlCacheEntryFileW

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 285KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3745b54672e8facc51a302e60a7a05e7

Headers

File Characteristics

Imports

gdi32

advapi32

kernel32

user32

wininet

Sections

.text Size: 146KB - Virtual size: 146KB

.rdata Size: 9KB - Virtual size: 38KB

.data Size: 285KB - Virtual size: 284KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 146KB - Virtual size: 146KB

.rdata
Size: 9KB - Virtual size: 38KB

.data
Size: 285KB - Virtual size: 284KB

.rsrc
Size: 6KB - Virtual size: 5KB