eb549b1eb6d42d60cda04b68de77566b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eb549b1eb6d42d60cda04b68de77566b_JaffaCakes118
Size

692KB
MD5

eb549b1eb6d42d60cda04b68de77566b
SHA1

fea13358c6877da8dbf5967e4d555c46d63a760b
SHA256

ca1aa9339add2f7d88b13b68d4bbe1c33b7f2a0b4e016cc25cba04b1b06b5ff0
SHA512

ed15a982e96994812efde45e96e81ba38e444c1367af6cd72b03343ed991c1cf23d0d2416f66c6eb90396db3fe0d529c145808bdebc379c3fa5db01445ce9dc0
SSDEEP

12288:cOGvK4cM9+FYcrRYsj+1qCGieyXbDiINh2cVaLLLV1RUMKNCYXVzRQG0V2UrwfRm:BGlAdYs6nGiNfVbAj+XUc4y5Da

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb549b1eb6d42d60cda04b68de77566b_JaffaCakes118

Files

eb549b1eb6d42d60cda04b68de77566b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

544234a064fff213a7894e21bdcba87d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
EnumCalendarInfoW
WideCharToMultiByte
GetUserDefaultLangID
SetFilePointer
IsValidLocale
LocalUnlock
GetModuleFileNameW
ReadConsoleW
GetStringTypeW
SetLastError
OpenMutexA
GetCurrentProcessId
GetNamedPipeHandleStateA
GetOEMCP
OutputDebugStringW
SetStdHandle
HeapValidate
GetCurrentProcess
GetLocaleInfoW
TerminateProcess
ExitProcess
SetEnvironmentVariableA
GetACP
CreateFileA
SetThreadLocale
HeapFree
GetCurrentThread
SetConsoleCtrlHandler
GetConsoleCP
GetUserDefaultLCID
LeaveCriticalSection
DebugBreak
VirtualQuery
WriteConsoleA
GetTempFileNameA
FreeEnvironmentStringsW
GetCurrencyFormatA
GetModuleFileNameA
TlsAlloc
LoadLibraryW
InterlockedDecrement
GetCurrentThreadId
FlushFileBuffers
InterlockedExchange
WriteConsoleW
LCMapStringW
TlsGetValue
GetVersionExA
HeapDestroy
GetConsoleOutputCP
HeapCreate
DeleteCriticalSection
GetProcAddress
LocalFileTimeToFileTime
IsBadReadPtr
VirtualAlloc
GetTimeFormatA
HeapAlloc
GetCommandLineW
FreeLibrary
GetStartupInfoA
GetStdHandle
GetModuleHandleW
GetFullPathNameW
QueryPerformanceCounter
GetTimeZoneInformation
SetLocaleInfoW
IsDebuggerPresent
TlsSetValue
ReadFile
GetTickCount
CompareStringW
SetConsoleCursorInfo
MultiByteToWideChar
InterlockedIncrement
GetModuleHandleA
CreateMutexA
HeapReAlloc
EnterCriticalSection
IsValidCodePage
RaiseException
GetSystemTimeAsFileTime
EnumSystemLocalesA
GetDateFormatA
lstrlenA
SetHandleCount
CloseHandle
lstrcmpA
FoldStringA
TlsFree
OpenSemaphoreA
RtlUnwind
GetConsoleMode
InitializeCriticalSection
GetLocaleInfoA
GetProcessHeap
UnhandledExceptionFilter
GetFileType
GetStartupInfoW
CompareStringA
LCMapStringA
SetLocaleInfoA
OutputDebugStringA
GetCurrentDirectoryW
GetStringTypeA
GetEnvironmentStrings
WriteFile
GetCommandLineA
LoadLibraryA
FreeEnvironmentStringsA
GetLastError
GetEnvironmentStringsW
VirtualFree
SetUnhandledExceptionFilter

advapi32

RegQueryValueExW
RegSaveKeyW
CryptGetKeyParam
CryptAcquireContextW
StartServiceA
RegSaveKeyA
RegSetValueW
CryptGetDefaultProviderA
LookupPrivilegeValueW
CryptHashSessionKey
RegEnumKeyExW
RegConnectRegistryA
RegQueryMultipleValuesA
RegOpenKeyW
RegConnectRegistryW
CryptCreateHash
CryptSetProvParam
RevertToSelf
CryptEncrypt
CryptVerifySignatureW
CryptDuplicateHash
RegFlushKey
CryptEnumProvidersA
RegCreateKeyExW

user32

SendIMEMessageExW
InsertMenuItemA
GetDC
GetWindowRgn
GetClipboardOwner
EnumDisplaySettingsW
LoadIconW
EndDeferWindowPos
UnregisterHotKey
GetTabbedTextExtentA
RegisterClassA
DdeDisconnectList
DdeAbandonTransaction
TrackPopupMenuEx
RegisterClassExA
ReuseDDElParam
ShowScrollBar
GetSysColorBrush
GetUserObjectInformationA
DdeCreateStringHandleA
LoadAcceleratorsA
ShowCursor
DeferWindowPos
LoadMenuW
LoadBitmapA

comctl32

InitCommonControlsEx

Sections

.text
Size: 455KB - Virtual size: 455KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 109KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

544234a064fff213a7894e21bdcba87d

Headers

File Characteristics

Imports

kernel32

advapi32

user32

comctl32

Sections

.text Size: 455KB - Virtual size: 455KB

.rdata Size: 109KB - Virtual size: 137KB

.data Size: 109KB - Virtual size: 109KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 455KB - Virtual size: 455KB

.rdata
Size: 109KB - Virtual size: 137KB

.data
Size: 109KB - Virtual size: 109KB

.rsrc
Size: 17KB - Virtual size: 17KB