ed790966b0844509ec09aac39fae0cf9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ed790966b0844509ec09aac39fae0cf9_JaffaCakes118
Size

476KB
MD5

ed790966b0844509ec09aac39fae0cf9
SHA1

25b87b9fadfcad68d3bf9409bac6551d44ddfc6e
SHA256

bf3dd321e1c947aea57dc7492c57d06d0dbe727277361c315e3b3d137e241241
SHA512

115e2c023eb548bdd71bc6393d6ca37fd3a3f0119e92546ea649aedf238c5d48f2e914b57332c507d76bf9ea11ea6150fdd8c45de984031b264bfdb0a807f433
SSDEEP

12288:Jsc8VA+ofLPNeV7dQH5jPfbQs7FJM09WuyEY4o2jVwtDSwh1:acKA+0eXIjPfT7vThyEFBASg1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed790966b0844509ec09aac39fae0cf9_JaffaCakes118

Files

ed790966b0844509ec09aac39fae0cf9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1886006b52e4562969b09360f6f686d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextA
ChooseColorW
PageSetupDlgA
FindTextA

user32

TrackPopupMenuEx
DdePostAdvise
GetKeyboardState
TranslateMDISysAccel
ClientToScreen
LockWindowUpdate
ChangeDisplaySettingsExW
CallNextHookEx
CreateCursor
GetAltTabInfo
AdjustWindowRectEx
SetMessageExtraInfo
GetMenuCheckMarkDimensions
PtInRect
LoadStringW
DdeAddData
LoadMenuA
SwitchToThisWindow
SetMenuItemBitmaps
ToUnicode
EnableScrollBar
GetComboBoxInfo
SetTimer

kernel32

SetUnhandledExceptionFilter
IsValidLocale
CreateFileMappingW
SetHandleCount
GetEnvironmentStringsA
FreeResource
GetModuleHandleA
InitializeCriticalSection
GetCurrentThreadId
GetStdHandle
SetConsoleCursorInfo
HeapAlloc
TlsSetValue
GetStringTypeW
GetProcessHeap
HeapDestroy
FileTimeToDosDateTime
SetLocalTime
TlsGetValue
GetCommandLineA
GetLocaleInfoA
FreeEnvironmentStringsA
GetConsoleScreenBufferInfo
DeleteCriticalSection
TlsAlloc
UnmapViewOfFile
GetVersionExA
FreeEnvironmentStringsW
HeapCreate
GetCurrentProcessId
SetLastError
VirtualQuery
HeapFree
GetEnvironmentStringsW
RtlUnwind
GetUserDefaultLCID
WideCharToMultiByte
GetCPInfo
FreeLibrary
GetACP
WaitForSingleObject
InterlockedIncrement
VirtualFree
GetLocaleInfoW
GetModuleFileNameA
HeapReAlloc
EnumSystemLocalesA
ExitProcess
QueryPerformanceCounter
GetEnvironmentStrings
LCMapStringA
GetProcAddress
IsValidCodePage
CompareStringA
GetLastError
EnterCriticalSection
CompareStringW
LoadLibraryA
SetEnvironmentVariableA
GetSystemTimeAsFileTime
Sleep
CopyFileExA
LeaveCriticalSection
LCMapStringW
InterlockedDecrement
MultiByteToWideChar
VirtualAlloc
GetTimeFormatA
GetDateFormatA
GetOEMCP
WriteFile
SetConsoleCtrlHandler
GetTimeZoneInformation
GetTickCount
TlsFree
TerminateProcess
GetStartupInfoA
UnhandledExceptionFilter
GetStringTypeA
GetFileType
HeapSize
GetCurrentThread
GetCurrentProcess
InterlockedExchange
IsDebuggerPresent

advapi32

RegEnumKeyExW
StartServiceW
CryptEnumProviderTypesW
ReportEventW
RegQueryMultipleValuesW
LookupPrivilegeDisplayNameA
RegOpenKeyW
RegCreateKeyExW
CryptGetKeyParam
RegOpenKeyExA
RegRestoreKeyW
CryptSetProvParam
RegEnumKeyExA
CryptGetDefaultProviderW
RegReplaceKeyA
CryptDuplicateKey
LogonUserW
RegDeleteValueW

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1886006b52e4562969b09360f6f686d7

Headers

File Characteristics

Imports

comdlg32

user32

kernel32

advapi32

Sections

.text Size: 172KB - Virtual size: 172KB

.rdata Size: 9KB - Virtual size: 18KB

.data Size: 282KB - Virtual size: 282KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 172KB - Virtual size: 172KB

.rdata
Size: 9KB - Virtual size: 18KB

.data
Size: 282KB - Virtual size: 282KB

.rsrc
Size: 11KB - Virtual size: 11KB