f5b4ab9ef4a63276b17796feecd1350e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f5b4ab9ef4a63276b17796feecd1350e_JaffaCakes118
Size

521KB
MD5

f5b4ab9ef4a63276b17796feecd1350e
SHA1

5a59f2341983c00e3eb859a2d04e94fd4f850c4a
SHA256

5c7541bcdca9fc1e764e101bc83634c2d76e456a9fac5178d6332c2ec77df2b0
SHA512

19a082efa66161914038b071de6408e85caece78f469d92a3c19995ab5b359c81c1d1dd02b11463d888fd99c0df827f5749b8172d9f50b314c2cfe1405da9429
SSDEEP

12288:ikpPSelSudktH7XzwntIyrU+VywmKuMF+R9Q:RpKelSudyb8imtMGuc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5b4ab9ef4a63276b17796feecd1350e_JaffaCakes118

Files

f5b4ab9ef4a63276b17796feecd1350e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a8ee728ca058036d185b0d4820753818

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextA
FindTextA
FindTextW
PageSetupDlgW

user32

PeekMessageA
CharPrevW
SetUserObjectInformationW
CharToOemBuffA
GetMenuContextHelpId
UnhookWinEvent
AnyPopup
DdeQueryStringA
MapVirtualKeyA
CreateCursor
GetKeyboardLayoutList
RegisterClassA
LoadMenuA
LookupIconIdFromDirectory
IsRectEmpty
CloseWindowStation
ModifyMenuW
CreateDialogParamA
SwapMouseButton
GetKeyboardLayoutNameW
ChangeClipboardChain
ShowScrollBar
RegisterClassExA
SetFocus
GetTopWindow

shell32

ExtractIconW
SHGetFileInfoW
SHInvokePrinterCommandA

advapi32

RegEnumValueW
RegSaveKeyA
RegLoadKeyA
RegSetKeySecurity
CryptSetProviderExA
CryptGetUserKey
AbortSystemShutdownW
StartServiceA
InitializeSecurityDescriptor
RegReplaceKeyW
RegDeleteValueA
RegDeleteKeyA
LogonUserA
CryptContextAddRef
LookupSecurityDescriptorPartsA
RegEnumKeyExA
RegNotifyChangeKeyValue
CreateServiceW
CryptSignHashA
CreateServiceA
RegRestoreKeyA
RegSetValueW
LookupPrivilegeDisplayNameW

kernel32

IsValidCodePage
GetSystemTimeAsFileTime
GetUserDefaultLCID
EnumCalendarInfoA
QueryPerformanceCounter
EnumResourceTypesW
OpenMutexA
LoadLibraryA
CloseHandle
GetCompressedFileSizeA
MultiByteToWideChar
HeapLock
GetDriveTypeA
FreeEnvironmentStringsW
GetCommandLineA
GetACP
TlsAlloc
EnterCriticalSection
FreeLibrary
GetModuleHandleA
TlsSetValue
HeapDestroy
CompareStringA
FreeEnvironmentStringsA
SetCriticalSectionSpinCount
GetCurrentProcess
OpenWaitableTimerA
FreeLibraryAndExitThread
GetStdHandle
GetCurrentThread
GetCPInfo
GetLastError
ExitProcess
GetPrivateProfileSectionW
GetEnvironmentVariableW
InitializeCriticalSection
VirtualFree
SetConsoleCtrlHandler
GetThreadContext
GetLocaleInfoW
InterlockedExchange
GetConsoleMode
GetProcessShutdownParameters
TerminateProcess
InterlockedIncrement
TlsFree
GetOEMCP
TlsGetValue
GetTempPathA
GetDateFormatA
GetStringTypeA
UnhandledExceptionFilter
IsValidLocale
GetEnvironmentStrings
GetCurrentProcessId
GetCurrentThreadId
SetEnvironmentVariableA
SetUnhandledExceptionFilter
VirtualQuery
WriteConsoleOutputCharacterW
FlushFileBuffers
HeapReAlloc
LoadLibraryExW
GetEnvironmentStringsW
GetModuleFileNameA
GetConsoleOutputCP
WriteConsoleW
GetVersionExA
SetStdHandle
GetTimeFormatA
InterlockedDecrement
GetConsoleCP
GetStartupInfoA
EnumSystemLocalesA
CreateMutexA
DeleteCriticalSection
GetStringTypeW
CompareStringW
WriteFile
SetFilePointer
RtlUnwind
Sleep
CreateFileA
HeapSize
LeaveCriticalSection
WriteConsoleA
GetSystemDefaultLangID
VirtualAlloc
HeapFree
SetLastError
LCMapStringA
LocalLock
HeapCreate
GetTimeZoneInformation
SetHandleCount
HeapAlloc
GetLocaleInfoA
GetProcessHeap
GetFileType
LCMapStringW
GetTickCount
IsDebuggerPresent
GetProcAddress
WideCharToMultiByte
ReadFile

comctl32

InitCommonControlsEx

Sections

.text
Size: 347KB - Virtual size: 346KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8ee728ca058036d185b0d4820753818

Headers

File Characteristics

Imports

comdlg32

user32

shell32

advapi32

kernel32

comctl32

Sections

.text Size: 347KB - Virtual size: 346KB

.rdata Size: 52KB - Virtual size: 62KB

.data Size: 107KB - Virtual size: 106KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 347KB - Virtual size: 346KB

.rdata
Size: 52KB - Virtual size: 62KB

.data
Size: 107KB - Virtual size: 106KB

.rsrc
Size: 13KB - Virtual size: 13KB