f30262a155eaf31335a56601766b197c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f30262a155eaf31335a56601766b197c_JaffaCakes118
Size

425KB
MD5

f30262a155eaf31335a56601766b197c
SHA1

dec2d09cb77e24377c3edba0fd102dc213c7ff13
SHA256

50eef022a36d24d438674884f38e4aebb8576848aa5523bc42d7b2801e353594
SHA512

8380446ee76b11522b867e7a825bded5d70ce133da6a68ecb83f2b22c24d8e8f688d4b765f91b0c3d381b9d45d51063f5c77b1e3e4770ca9814a0aaf5fa9860d
SSDEEP

12288:pUGnQc9wdqZAE1B0C+Fo30P9w6qGqLROzmK:pUGnQcbZ7X0JFo30Fuz1O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f30262a155eaf31335a56601766b197c_JaffaCakes118

Files

f30262a155eaf31335a56601766b197c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

977ebeaf46034abfaa7fc6a7d8717ccb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW
LookupPrivilegeValueW

shell32

SHFormatDrive
CommandLineToArgvW
SHGetSettings
SHFreeNameMappings

wininet

InternetCrackUrlW
InternetGetCookieW
InternetSetOptionA

kernel32

SetConsoleCtrlHandler
WideCharToMultiByte
QueryPerformanceCounter
GetOEMCP
GetFileType
GetModuleFileNameA
GetEnvironmentStringsW
EnterCriticalSection
RtlUnwind
InitializeCriticalSection
FreeLibrary
CompareStringA
IsValidCodePage
TlsGetValue
GetTickCount
GetModuleHandleA
VirtualQuery
GetCommandLineW
LCMapStringW
ExitProcess
GetACP
LeaveCriticalSection
LCMapStringA
GetLastError
HeapCreate
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetCurrentThreadId
FreeEnvironmentStringsW
GetStartupInfoA
GetSystemTimeAsFileTime
GetDateFormatA
GetCurrentProcess
IsValidLocale
GetStartupInfoW
FreeEnvironmentStringsA
InterlockedIncrement
HeapAlloc
SetUnhandledExceptionFilter
InterlockedDecrement
VirtualAlloc
TlsAlloc
GetUserDefaultLCID
EnumSystemLocalesA
TerminateProcess
GetProcessHeap
InterlockedExchange
Sleep
UnhandledExceptionFilter
SetEnvironmentVariableA
GetVersionExA
IsDebuggerPresent
GetCPInfo
TlsSetValue
HeapDestroy
CompareStringW
WriteFile
OpenFileMappingA
SetLastError
GetProcAddress
VirtualFree
LoadLibraryA
TlsFree
GetModuleFileNameW
VirtualUnlock
GetTimeFormatA
SetHandleCount
GetCommandLineA
GetStdHandle
DeleteCriticalSection
GetCurrentThread
GetTimeZoneInformation
GetEnvironmentStrings
UnmapViewOfFile
GetProfileIntW
HeapSize
GetLocaleInfoA
GetLocaleInfoW
GetCurrentProcessId
HeapReAlloc
HeapFree

user32

IsWindowUnicode
LoadBitmapA
WINNLSGetIMEHotkey
DrawTextA
GetMenuDefaultItem
UnhookWindowsHook
CopyAcceleratorTableA
GetDoubleClickTime
CallMsgFilterA
GetWindow
IsCharLowerA
GetClassInfoW
GetClassLongA
ShowOwnedPopups
AdjustWindowRectEx
LookupIconIdFromDirectoryEx
IsRectEmpty
DdeUnaccessData
CreateDesktopA
GetWindowInfo
GetPriorityClipboardFormat
IsCharAlphaA
PostMessageA
ChangeDisplaySettingsW
DdeSetUserHandle

comdlg32

FindTextA
FindTextW
ChooseColorW
GetOpenFileNameW

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

977ebeaf46034abfaa7fc6a7d8717ccb

Headers

File Characteristics

Imports

advapi32

shell32

wininet

kernel32

user32

comdlg32

Sections

.text Size: 124KB - Virtual size: 124KB

.rdata Size: 9KB - Virtual size: 38KB

.data Size: 279KB - Virtual size: 278KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 124KB - Virtual size: 124KB

.rdata
Size: 9KB - Virtual size: 38KB

.data
Size: 279KB - Virtual size: 278KB

.rsrc
Size: 12KB - Virtual size: 11KB