f6abb0ce5d1ddfd0d593e284bc9bba5f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f6abb0ce5d1ddfd0d593e284bc9bba5f_JaffaCakes118
Size

410KB
MD5

f6abb0ce5d1ddfd0d593e284bc9bba5f
SHA1

70763ef1901685476148a4d91ddb18f09e6cbd7c
SHA256

01925f54670fb8858de4d2db6a5b08ba89bed0c2e385fcf5a00c0cbff6d70ff9
SHA512

9adcb3118764813fc1b7201b67adad2ce968e6149c1bdb96ec27e5393a09c17eda57b8d06a5d33dcce181af0c0d70986a6ac7b7a9dd1a77fe50f8416f29e3875
SSDEEP

12288:o/MpCPRDEu8k49upPnZOEWg3STkmzIb5M81C/Ml:4MUZNfNyT5cbyF/M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6abb0ce5d1ddfd0d593e284bc9bba5f_JaffaCakes118

Files

f6abb0ce5d1ddfd0d593e284bc9bba5f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b02dedf565b81b703990c75615e1ec85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EnumFontFamiliesExW
FixBrushOrgEx

advapi32

RegRestoreKeyA
RegQueryValueA
RegDeleteValueA
RegDeleteValueW
RegOpenKeyA
CryptSetKeyParam
RegCloseKey
RegOpenKeyW
RegQueryValueExA
RegSetValueA
RegQueryValueW
LookupAccountSidW
CryptImportKey
CryptSetProviderA
CryptSignHashA
RevertToSelf
CryptGetHashParam
CryptDuplicateHash
CryptGetKeyParam
RegSetKeySecurity
RegQueryMultipleValuesW
RegQueryInfoKeyW

comdlg32

PrintDlgA
FindTextW
ChooseFontA
ChooseColorA
ReplaceTextA
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameW
FindTextA
GetSaveFileNameW

shell32

FindExecutableA
ShellAboutA
ExtractAssociatedIconExA
SHFileOperationW
SheGetDirA
SHGetDesktopFolder
DragQueryPoint
SHBrowseForFolderW
SHGetDataFromIDListW
SheChangeDirA
ExtractIconEx
FindExecutableW
SHGetSpecialFolderLocation
ShellExecuteExW
SHFormatDrive
CheckEscapesW

kernel32

WideCharToMultiByte
TerminateProcess
GetStringTypeW
TlsGetValue
GetCurrentThread
FindFirstFileExW
GetTickCount
HeapSize
GetCPInfo
GetFileType
HeapAlloc
VirtualQuery
GetStdHandle
GetLocaleInfoA
ReadConsoleOutputA
GetPrivateProfileSectionNamesA
GetUserDefaultLCID
GetFileAttributesA
FreeLibrary
WriteFile
OpenFileMappingA
HeapCreate
SetFilePointer
HeapReAlloc
GetTimeZoneInformation
TlsAlloc
lstrcat
GetModuleFileNameW
GetACP
InterlockedDecrement
ExitProcess
GetCurrentProcessId
VirtualAlloc
SetUnhandledExceptionFilter
LoadLibraryA
LeaveCriticalSection
GetModuleFileNameA
TlsFree
LCMapStringW
UnhandledExceptionFilter
IsDebuggerPresent
GetProcessHeap
GetDateFormatA
CompareStringW
GetStringTypeA
SetLastError
GetLocaleInfoW
SetConsoleCtrlHandler
EnumSystemLocalesA
GetEnvironmentStrings
WriteProfileStringA
GetCurrentProcess
GetStartupInfoA
HeapDestroy
GetCurrentThreadId
GetVersionExA
LocalFlags
FreeEnvironmentStringsW
GetEnvironmentStringsA
LCMapStringA
GetSystemTimeAsFileTime
GetProcAddress
InterlockedExchange
MultiByteToWideChar
SetHandleCount
DeleteCriticalSection
SetEnvironmentVariableA
GetLastError
GetStartupInfoW
FreeEnvironmentStringsA
InitializeCriticalSection
GetOEMCP
IsValidLocale
CompareStringA
VirtualFree
GetCommandLineW
RtlMoveMemory
EnterCriticalSection
LockResource
GetModuleHandleA
SetEndOfFile
Sleep
IsValidCodePage
InterlockedIncrement
RtlUnwind
GetTimeFormatA
GetConsoleTitleA
HeapFree
GetEnvironmentStringsW
QueryPerformanceCounter
TlsSetValue
GetCommandLineA

user32

IntersectRect
IsCharUpperW
DdeCreateDataHandle
GetWindowInfo
LoadAcceleratorsA
EnumWindows
CharToOemW
MessageBoxIndirectW
CharNextA
DrawTextExA
GetClassLongW
OemKeyScan
IsChild
FlashWindowEx
GetClassInfoA
RegisterClassA

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b02dedf565b81b703990c75615e1ec85

Headers

File Characteristics

Imports

gdi32

advapi32

comdlg32

shell32

kernel32

user32

Sections

.text Size: 125KB - Virtual size: 125KB

.data Size: 275KB - Virtual size: 284KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 125KB - Virtual size: 125KB

.data
Size: 275KB - Virtual size: 284KB

.rsrc
Size: 8KB - Virtual size: 8KB