f379b0cfb7a670d4c8c502c4df6a4893_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f379b0cfb7a670d4c8c502c4df6a4893_JaffaCakes118
Size

536KB
MD5

f379b0cfb7a670d4c8c502c4df6a4893
SHA1

71a1835b4f8c9c4c2b0436b2407afd6f293c57b5
SHA256

62c93612aedb628538b5990fa29d5190f045911dacc05a1921dbcb3bd45ad906
SHA512

f4fa19ad42872de1141ee2a3a12e0d332097e4595ac7d16fa77ed4c41aa7267fd3485d735e58506a16cd2372096fec0de261935796ef39e6dfb1ef77ffc67272
SSDEEP

12288:xrqI7hewZqvi6ms9uczQLFO2W6oKnhhK1HVC+LTiGLu:xrV7hjZqt9uczOFOPfqhKJIqTiGL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f379b0cfb7a670d4c8c502c4df6a4893_JaffaCakes118

Files

f379b0cfb7a670d4c8c502c4df6a4893_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ee1edfb4a7d33dea62079bf6ae8292b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharPrevW
DialogBoxIndirectParamW
RegisterClassA
ChangeDisplaySettingsExA
RedrawWindow
GetDlgItemInt
GetScrollInfo
CallMsgFilterA
CreateAcceleratorTableA
RegisterClassExA
ShowWindowAsync
DialogBoxIndirectParamA
WinHelpW
InsertMenuItemA
DefWindowProcW
GetDoubleClickTime

comctl32

InitCommonControlsEx

gdi32

GetEnhMetaFilePaletteEntries
GetFontData
CloseMetaFile
FrameRgn
ChoosePixelFormat
GetICMProfileW
AddFontResourceA
GetRandomRgn
ColorCorrectPalette
GetOutlineTextMetricsW
GetRasterizerCaps
StartPage
SetRectRgn
PolyTextOutA
GetDIBits
Chord

kernel32

LCMapStringW
InterlockedCompareExchange
UnhandledExceptionFilter
EnumSystemLocalesA
VirtualAlloc
FreeEnvironmentStringsA
HeapFree
GetLocaleInfoA
FlushFileBuffers
GetCurrentThread
GetCurrentProcess
GetProcAddress
WriteFile
GetCommandLineA
GetACP
GetUserDefaultLCID
SetFilePointer
TlsFree
GetOEMCP
MultiByteToWideChar
GetEnvironmentStringsW
VirtualAllocEx
QueryPerformanceCounter
GetProfileSectionA
VirtualQuery
EnterCriticalSection
CompareStringA
VirtualProtect
TlsSetValue
IsBadWritePtr
CreateMutexA
GetSystemInfo
GetCurrentProcessId
OpenFile
HeapAlloc
GetFileType
TlsGetValue
LeaveCriticalSection
GetModuleHandleA
IsValidLocale
ReadFile
InterlockedExchange
VirtualFree
IsValidCodePage
DeleteCriticalSection
GetCPInfo
LoadLibraryA
GetDateFormatA
GetEnvironmentStrings
GetTickCount
SetEnvironmentVariableA
TerminateProcess
HeapDestroy
GetTimeFormatA
GetStringTypeW
SetHandleCount
CompareStringW
GetStartupInfoA
GetLocaleInfoW
GetVersionExA
SetStdHandle
RtlUnwind
GetTimeZoneInformation
HeapCreate
GetLastError
LocalFlags
HeapReAlloc
GetStdHandle
GetModuleFileNameA
SetLastError
ExitProcess
LCMapStringA
TlsAlloc
OpenMutexA
InitializeCriticalSection
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
lstrcpy
CloseHandle
GetStringTypeA
GetCurrentThreadId
HeapSize
WideCharToMultiByte

advapi32

RegOpenKeyA
RegQueryInfoKeyW
RegSaveKeyW
CryptSignHashA
RegDeleteKeyW
CryptSetProviderExA
LookupPrivilegeNameW
RegEnumKeyExA
InitializeSecurityDescriptor
RegFlushKey
RegRestoreKeyA
InitiateSystemShutdownW

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ee1edfb4a7d33dea62079bf6ae8292b

Headers

File Characteristics

Imports

user32

comctl32

gdi32

kernel32

advapi32

Sections

.text Size: 204KB - Virtual size: 203KB

.rdata Size: 8KB - Virtual size: 24KB

.data Size: 312KB - Virtual size: 312KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 204KB - Virtual size: 203KB

.rdata
Size: 8KB - Virtual size: 24KB

.data
Size: 312KB - Virtual size: 312KB

.rsrc
Size: 10KB - Virtual size: 10KB