f87f4af647551f3d6deef48614c96982_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f87f4af647551f3d6deef48614c96982_JaffaCakes118
Size

432KB
MD5

f87f4af647551f3d6deef48614c96982
SHA1

974f8326a880c247e075099856308842ec00bcb5
SHA256

70f5f3130579afb35546ef75314cf9ed8821b6a57f5c3db32562210adf452d3a
SHA512

ce87cd9de6bf402cd61da3cb08cfdf11b67b632b768465f7e8c976b137cb9fa946b543f9fde30d6723f9b3b693f37ff84d46e7509dfa4488b765549aab3947db
SSDEEP

12288:TGvm/7Z0nUtQ5ivxiLirrzUYVIcsc3jnXGwcAuz4/9SoiKaqp:GmjvtQ5k6iXztvcAi4/9SoLa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f87f4af647551f3d6deef48614c96982_JaffaCakes118

Files

f87f4af647551f3d6deef48614c96982_JaffaCakes118
.exe windows:4 windows x86 arch:x86

25afa9a6e3c9976c791a86358b82b933

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetLayout
EnumFontFamiliesA
GetCharWidth32A
DescribePixelFormat
CombineRgn
GetBitmapBits
EqualRgn
PolyPolyline
CopyEnhMetaFileA
PaintRgn
StretchBlt
GetCharABCWidthsFloatW
GetNearestColor
GetTextExtentPointA
SetViewportExtEx
CheckColorsInGamut
CloseFigure
DeleteMetaFile
CreateHalftonePalette
ExtCreateRegion

advapi32

CryptSetKeyParam
LookupPrivilegeValueA
LookupPrivilegeDisplayNameA
InitializeSecurityDescriptor
LookupAccountNameA
RegQueryValueExA
LogonUserA
CryptSetProviderExW
CryptGetKeyParam
CryptDestroyHash
DuplicateToken
CryptAcquireContextW
CryptHashSessionKey

user32

GetClipCursor
SetPropW
EnumDisplaySettingsExW
CharUpperA
CopyIcon
DialogBoxIndirectParamW
ToUnicode
IsCharUpperA
DdeCreateStringHandleA
ClipCursor

comdlg32

PrintDlgW
ReplaceTextA
PageSetupDlgW
ChooseFontA
GetFileTitleA
ChooseFontW
GetSaveFileNameW
FindTextW
PrintDlgA
GetFileTitleW

kernel32

SetConsoleCtrlHandler
LeaveCriticalSection
EnterCriticalSection
CompareStringA
RtlUnwind
DeleteCriticalSection
GetLocaleInfoW
IsDebuggerPresent
LoadLibraryA
WideCharToMultiByte
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
GetDateFormatA
VirtualAlloc
FreeLibrary
GetProcAddress
LCMapStringW
GetCPInfo
TerminateProcess
GetCurrentThreadId
GetCurrentProcess
GetFileType
GetTickCount
InterlockedIncrement
TlsAlloc
ExitProcess
GetLocaleInfoA
GetUserDefaultLCID
GetModuleHandleA
QueryPerformanceCounter
GetModuleFileNameW
TlsGetValue
VirtualQuery
UnhandledExceptionFilter
HeapDestroy
EnumSystemLocalesA
MultiByteToWideChar
VirtualFree
LCMapStringA
GetCommandLineW
GetTimeFormatA
GetACP
GetTimeZoneInformation
GetStdHandle
InterlockedDecrement
TlsFree
HeapFree
FreeEnvironmentStringsW
GetStartupInfoW
SetLastError
WriteFile
GetCurrentProcessId
SetUnhandledExceptionFilter
LockFile
HeapSize
TlsSetValue
GetStartupInfoA
GetStringTypeA
GetLastError
HeapReAlloc
GetStringTypeW
Sleep
GetCurrentThread
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetOEMCP
IsValidLocale
HeapAlloc
IsValidCodePage
InterlockedExchange
SetEnvironmentVariableA
GetModuleHandleW
CompareStringW
SetHandleCount
HeapCreate

shell32

SHGetFileInfo
SHFreeNameMappings
SHGetNewLinkInfo
SHGetInstanceExplorer

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25afa9a6e3c9976c791a86358b82b933

Headers

File Characteristics

Imports

gdi32

advapi32

user32

comdlg32

kernel32

shell32

Sections

.text Size: 150KB - Virtual size: 149KB

.data Size: 276KB - Virtual size: 276KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 150KB - Virtual size: 149KB

.data
Size: 276KB - Virtual size: 276KB

.rsrc
Size: 5KB - Virtual size: 4KB