f14b39f85f2042da1a8cdadf6aa727d1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f14b39f85f2042da1a8cdadf6aa727d1_JaffaCakes118
Size

556KB
MD5

f14b39f85f2042da1a8cdadf6aa727d1
SHA1

33854703ebc0d7a99a32cb2c991df9170e0d0a9d
SHA256

fb8e1c8005747ef776c25912114e71526da30f44f2b169643fb53c57eab2a553
SHA512

48fa400004c6b15eb87707c27af2d0db89f8a1deef4903d247e2747a84064032181a7031c6169d81a58e81adb0a8887e0aa51981705bb9673f05a0824cbd5291
SSDEEP

12288:IcIVak+3/THyD0ud45nNqXvnEIoMn1cp1WR7NJO:ITV03/THyDRdaNcpoM4c4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f14b39f85f2042da1a8cdadf6aa727d1_JaffaCakes118

Files

f14b39f85f2042da1a8cdadf6aa727d1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ece18d38daec4e0e8ec5b0edafdde16

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
GetConsoleOutputCP
GetStdHandle
GetLocaleInfoW
GetProcAddress
GetCommandLineA
GetCurrentThread
RtlUnwind
LocalShrink
Sleep
VirtualFree
TlsFree
GetConsoleCP
GetTimeFormatA
EnumCalendarInfoExW
GetCurrentThreadId
SetFilePointer
GetFullPathNameA
WriteConsoleA
SetUnhandledExceptionFilter
WritePrivateProfileSectionW
TlsGetValue
OpenMutexW
MultiByteToWideChar
GetProcessHeap
InitializeCriticalSection
HeapReAlloc
IsDebuggerPresent
QueryPerformanceCounter
IsValidCodePage
HeapAlloc
VirtualQuery
InterlockedExchange
SetEnvironmentVariableA
SetCurrentDirectoryW
GetDateFormatA
SetConsoleCtrlHandler
GetModuleFileNameA
GlobalUnlock
GetOEMCP
CreateFileA
GetEnvironmentStringsW
CompareStringA
LeaveCriticalSection
CreateMutexA
GetCurrentProcessId
GetSystemTimeAsFileTime
ReadFileEx
SetStdHandle
SetThreadLocale
IsValidLocale
TlsSetValue
GetVersionExA
InterlockedDecrement
CommConfigDialogA
CompareStringW
GetCPInfo
FreeEnvironmentStringsW
HeapFree
GetStringTypeW
DeleteCriticalSection
HeapCreate
SetHandleCount
GetLastError
HeapDestroy
InterlockedIncrement
OpenMutexA
WriteConsoleW
WriteFile
GetTimeZoneInformation
GetFileType
CloseHandle
ExitProcess
FreeEnvironmentStringsA
GetAtomNameA
GetACP
GetTickCount
GetDateFormatW
EnterCriticalSection
GetCurrentProcess
TlsAlloc
GetStartupInfoA
LCMapStringA
GlobalDeleteAtom
HeapSize
SetLastError
TerminateProcess
LCMapStringW
GetModuleHandleA
GetConsoleMode
GetUserDefaultLCID
FreeLibrary
GetPrivateProfileIntW
EnumSystemLocalesA
GetStringTypeA
WideCharToMultiByte
LoadLibraryA
ReadFile
UnhandledExceptionFilter
RemoveDirectoryA
VirtualAlloc
GetLocaleInfoA
GetEnvironmentStrings

user32

DispatchMessageA
UnionRect
SetClassLongA
SendDlgItemMessageA
GetClipboardData
DefDlgProcA
DlgDirListComboBoxW
RegisterClassA
GetScrollInfo
RegisterClassExA
GetTopWindow
GetParent
TrackPopupMenu
BroadcastSystemMessage
wvsprintfW
DlgDirSelectExA
GetWindowLongA
GrayStringA
GetAncestor
CharLowerA

comctl32

InitCommonControlsEx

wininet

RetrieveUrlCacheEntryFileA
FindFirstUrlCacheEntryA
HttpAddRequestHeadersW
FtpCreateDirectoryA
CreateUrlCacheContainerW
InternetGetConnectedStateEx
HttpSendRequestW
SetUrlCacheEntryInfoA

advapi32

RegOpenKeyA
CryptSetProviderExA
RegQueryInfoKeyW
CryptReleaseContext
LookupAccountNameA
RegDeleteValueA
CryptDestroyKey
CryptHashData
InitiateSystemShutdownW
LookupPrivilegeDisplayNameA
LookupPrivilegeNameA
CryptDestroyHash
RegCreateKeyA
RegCloseKey
RegQueryValueExW
RegSetKeySecurity
RegReplaceKeyW
RegNotifyChangeKeyValue
LookupSecurityDescriptorPartsA
StartServiceA

shell32

ShellAboutW
SHGetDataFromIDListW
ExtractIconW
SHFileOperation
ExtractIconExA

Sections

.text
Size: 217KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ece18d38daec4e0e8ec5b0edafdde16

Headers

File Characteristics

Imports

kernel32

user32

comctl32

wininet

advapi32

shell32

Sections

.text Size: 217KB - Virtual size: 217KB

.rdata Size: 11KB - Virtual size: 38KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 217KB - Virtual size: 217KB

.rdata
Size: 11KB - Virtual size: 38KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 13KB - Virtual size: 12KB