f5ea1c57978a464006063ec10ff213ac_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f5ea1c57978a464006063ec10ff213ac_JaffaCakes118
Size

512KB
MD5

f5ea1c57978a464006063ec10ff213ac
SHA1

40d9f769b7b23000c46aa30078318793d8ffe205
SHA256

71962e4b71b3367ecceb1797602c6fd834b5a4c7f40e75586b7155f01c9fe600
SHA512

91cf12c722bc6d2d6214b16782f82b0fa8d54b3e3718fae6e205abeaad9a9d5dc65e808e77a7c0e523dd0d430357dc5cc23d964d7f15b2cfaaa743d52a56d637
SSDEEP

6144:t6nqyRwVJwYAjiHYxSnYjeRi+848KGKVFzDh35xkEJAroErZkEo0i2zlBAHSsodp:tnyR4wYgi1iI5zeqZEjWSsodpgkpN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5ea1c57978a464006063ec10ff213ac_JaffaCakes118

Files

f5ea1c57978a464006063ec10ff213ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab88fe27105076c355ce478dbddb71e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathA
ExtractIconExA
SHChangeNotify

user32

DestroyWindow
RegisterClassA
RegisterClassExA

gdi32

CloseEnhMetaFile
CombineRgn
GetLogColorSpaceW
GetTextFaceA
GetColorAdjustment
GetGlyphOutlineW
CreateDCW
SetBkMode
SetPolyFillMode
CreateEllipticRgn
EnumICMProfilesA
SetWorldTransform
PlayEnhMetaFileRecord
GetTextColor
CloseMetaFile
CancelDC
DeleteEnhMetaFile
CreateDIBPatternBrushPt
GetMetaRgn
CreateCompatibleBitmap
GetEnhMetaFileHeader
GdiSetBatchLimit
PatBlt
CreateColorSpaceA
Arc

kernel32

UnhandledExceptionFilter
LoadLibraryA
SetEnvironmentVariableA
QueryPerformanceCounter
CreateMutexA
LCMapStringA
SetComputerNameW
GetModuleFileNameA
RtlFillMemory
TerminateProcess
RaiseException
IsValidCodePage
TlsGetValue
TlsFree
GetModuleHandleA
DeleteCriticalSection
OpenMutexA
SetStdHandle
HeapCreate
GetSystemInfo
GetEnvironmentStringsW
VirtualAlloc
WriteProfileSectionW
GetOEMCP
OutputDebugStringA
lstrcpy
RtlUnwind
IsValidLocale
SetEndOfFile
GetACP
GetDateFormatA
FreeEnvironmentStringsA
IsBadWritePtr
InterlockedDecrement
HeapAlloc
GetCurrentProcessId
WriteConsoleOutputCharacterA
GetUserDefaultLCID
CompareStringA
GetStringTypeA
GetSystemTimeAsFileTime
SetFilePointer
MapViewOfFileEx
WideCharToMultiByte
HeapSize
SetHandleCount
GetVersionExA
HeapReAlloc
GetFileType
GetTimeFormatA
VirtualFree
GetTickCount
SetLastError
MultiByteToWideChar
GetStringTypeW
LeaveCriticalSection
EnumSystemLocalesA
GetTimeZoneInformation
WriteFile
GetCurrentProcess
ReadFile
EnterCriticalSection
MoveFileExW
GetProcessAffinityMask
TlsAlloc
LocalUnlock
VirtualQuery
GetConsoleCursorInfo
GetLocaleInfoW
GetCommandLineA
TlsSetValue
GetCurrentThreadId
GetDriveTypeA
ExitProcess
WriteConsoleW
FreeEnvironmentStringsW
CloseHandle
GetProcAddress
CompareStringW
GetCurrentThread
GetLastError
GetStartupInfoA
HeapFree
GetLocaleInfoA
GetCPInfo
InitializeCriticalSection
GetEnvironmentStrings
FlushFileBuffers
LCMapStringW
MoveFileA
VirtualProtect
FoldStringA
GetStdHandle
InterlockedExchange
HeapDestroy

wininet

InternetFindNextFileW
DeleteUrlCacheEntry

comctl32

InitCommonControlsEx

advapi32

AbortSystemShutdownW
LookupAccountNameW
CryptGetHashParam
ReportEventW
CryptEnumProviderTypesW
RegSaveKeyW
CryptCreateHash
LookupAccountSidA
RegReplaceKeyA
RegEnumKeyW
RegOpenKeyExW
CryptSetProviderW
RegQueryMultipleValuesW
RegSetKeySecurity
AbortSystemShutdownA
CryptSetProviderExA
RegCreateKeyA
CryptEnumProvidersA
CryptGenRandom
GetUserNameW
CryptReleaseContext
RevertToSelf
RegQueryInfoKeyA

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab88fe27105076c355ce478dbddb71e2

Headers

File Characteristics

Imports

shell32

user32

gdi32

kernel32

wininet

comctl32

advapi32

Sections

.text Size: 177KB - Virtual size: 177KB

.rdata Size: 9KB - Virtual size: 27KB

.data Size: 313KB - Virtual size: 313KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 177KB - Virtual size: 177KB

.rdata
Size: 9KB - Virtual size: 27KB

.data
Size: 313KB - Virtual size: 313KB

.rsrc
Size: 11KB - Virtual size: 10KB