Static task
static1
Behavioral task
behavioral1
Sample
ea7e003dd592aa84cf88e4d6aa89de87_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ea7e003dd592aa84cf88e4d6aa89de87_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
Target
ea7e003dd592aa84cf88e4d6aa89de87_JaffaCakes118
Size
304KB
MD5
ea7e003dd592aa84cf88e4d6aa89de87
SHA1
47daf08e63935a5b3f97eec643f4c4d8db39178b
SHA256
dc37b2f8c74cefb77185de50d53c1bb61e499b66b3f64ed5d0eed8ec0b4c506b
SHA512
5684af17c4681fbc7406df560151e9b307455576a187a7f09a3add3555c38a24405d765371ed6f02638c919f314c8a0c1ff89b8eacce78434365d6eb4290bd55
SSDEEP
6144:tC06u8sXZtPmu/jEPgFc2QJIf2yccVej8qtdJtioGCpsby0CyEHi:tC06itOUjEP+p2yRVATt/lGCp0y6E
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ea7e003dd592aa84cf88e4d6aa89de87_JaffaCakes118
Files
ea7e003dd592aa84cf88e4d6aa89de87_JaffaCakes118.exe windows:4 windows x86 arch:x86
c4ad1a7fc1cb20adaacc5e77b96463b5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
HttpOpenRequestW
user32
SendMessageW
ChildWindowFromPointEx
ScrollWindow
RegisterClassExA
DdeQueryStringA
LookupIconIdFromDirectoryEx
RegisterClassA
GetWindowTextLengthW
LoadImageW
SwapMouseButton
DefFrameProcW
TranslateAccelerator
GetScrollInfo
MessageBoxW
GetShellWindow
EnumChildWindows
UnhookWinEvent
SetClassLongW
ValidateRect
CreateIconFromResourceEx
GetKeyboardState
DdeAddData
GetWindow
CloseClipboard
advapi32
RegDeleteKeyA
CryptContextAddRef
CryptGetProvParam
RegSaveKeyA
InitializeSecurityDescriptor
RegEnumKeyW
CryptVerifySignatureA
AbortSystemShutdownA
CryptSignHashW
RegQueryInfoKeyW
LookupAccountNameW
CryptDestroyKey
CryptImportKey
DuplicateTokenEx
RegConnectRegistryW
RegSaveKeyW
CryptVerifySignatureW
RegFlushKey
shell32
SheChangeDirA
DragQueryFileA
SHBrowseForFolderW
SHGetDataFromIDListW
SHFileOperationA
comdlg32
GetOpenFileNameA
comctl32
InitCommonControlsEx
kernel32
GetOEMCP
ReadFile
LoadLibraryA
FlushFileBuffers
LeaveCriticalSection
GetStringTypeA
VirtualQuery
GetEnvironmentStringsW
SetStdHandle
EnterCriticalSection
GetLocalTime
GetLogicalDrives
TlsSetValue
SetEnvironmentVariableA
LCMapStringW
SetHandleCount
RtlUnwind
CloseHandle
GetStdHandle
GetStartupInfoA
SetFilePointer
LCMapStringA
GetCurrentProcess
HeapReAlloc
GetCPInfo
HeapFree
TlsAlloc
FreeEnvironmentStringsW
HeapAlloc
GetModuleHandleA
TlsFree
GetCurrentThreadId
GetTickCount
FindFirstFileExA
GetCurrentProcessId
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetModuleFileNameA
OpenMutexA
SetLastError
IsBadWritePtr
GetSystemTime
GetStringTypeW
InitializeCriticalSection
InterlockedExchange
GetEnvironmentStrings
MultiByteToWideChar
InterlockedIncrement
FindResourceExW
CreateMutexA
CompareStringW
GetACP
TlsGetValue
HeapCreate
VirtualAlloc
GetLastError
InterlockedDecrement
TerminateProcess
GetVersion
QueryPerformanceCounter
WideCharToMultiByte
GetFileType
WriteFile
CompareStringA
VirtualFree
GetProcAddress
GetSystemTimeAsFileTime
GetCommandLineA
GetCurrentThread
DeleteCriticalSection
ExitProcess
GetTimeZoneInformation
HeapDestroy
Sections
.text Size: 145KB - Virtual size: 144KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 144KB - Virtual size: 143KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ