0f79262d71555efe34b1b3c96131b013_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0f79262d71555efe34b1b3c96131b013_JaffaCakes118
Size

2.7MB
MD5

0f79262d71555efe34b1b3c96131b013
SHA1

0a0fa6f21f975705677efec3de6257da347f430c
SHA256

a582fc0333309d11f39ec34be9db1f5f9714ac3f1f8b387e11b9273c7631c300
SHA512

ea4b2a44fe97210e4f86cb2f6dd64677a080c09ca5940c98970c04edab7c7e25eb82eb2318c1e8502eff35d99ad11dfbf19063bfcf55b66ff82775cb22fc1fa8
SSDEEP

24576:x4/DJMIWi7GWtZZuyziG7c8Qlvba98Jv+Y1+/:xmDJqWtWtGlQGM+B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f79262d71555efe34b1b3c96131b013_JaffaCakes118

Files

0f79262d71555efe34b1b3c96131b013_JaffaCakes118
.exe windows:5 windows x86 arch:x86

33614337879701e268371916760806bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetIconInfo
LoadIconW
FindWindowExW
SetParent
InvertRect
DrawFocusRect
WindowFromPoint
GetCursor
RemovePropW
GetUpdateRect
GetDC
DrawIcon
GetMenuDefaultItem
RemoveMenu
AppendMenuW
DrawMenuBar
ToAscii
CheckRadioButton
SetWindowPos
DrawAnimatedRects
DrawEdge
GetKeyboardLayoutList
ActivateKeyboardLayout

advapi32

RegOpenKeyExW
RegEnumValueW
RegDeleteValueW
RegQueryInfoKeyW

kernel32

SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
SetFilePointerEx
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
LoadLibraryExW
WriteConsoleW
CloseHandle
CreateFileW
GetStdHandle
GetVersion
GlobalAlloc
GlobalSize
VirtualAlloc
ExitProcess
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetFileSize
CreateEventW
LoadLibraryW
GetCommandLineW
FindResourceW
FindResourceExW
DeleteFileW
CancelIo
GetVersionExW
GetThreadLocale
GetUserDefaultLCID
GetConsoleWindow
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsProcessorFeaturePresent
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
HeapFree

wintrust

CryptCATAdminReleaseContext
CryptCATAdminReleaseCatalogContext
CryptCATCatalogInfoFromContext
WTHelperGetProvCertFromChain

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 740KB - Virtual size: 7.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.7re8i0
Size: 568KB - Virtual size: 567KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.le8y32
Size: 550KB - Virtual size: 550KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eriat0
Size: 481KB - Virtual size: 481KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.4n6a
Size: 225KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33614337879701e268371916760806bd

Headers

File Characteristics

Imports

user32

advapi32

kernel32

wintrust

Sections

.text Size: 112KB - Virtual size: 111KB

.data Size: 740KB - Virtual size: 7.5MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.7re8i0 Size: 568KB - Virtual size: 567KB

.le8y32 Size: 550KB - Virtual size: 550KB

.eriat0 Size: 481KB - Virtual size: 481KB

.4n6a Size: 225KB - Virtual size: 224KB

.rsrc Size: 99KB - Virtual size: 99KB

.text
Size: 112KB - Virtual size: 111KB

.data
Size: 740KB - Virtual size: 7.5MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.7re8i0
Size: 568KB - Virtual size: 567KB

.le8y32
Size: 550KB - Virtual size: 550KB

.eriat0
Size: 481KB - Virtual size: 481KB

.4n6a
Size: 225KB - Virtual size: 224KB

.rsrc
Size: 99KB - Virtual size: 99KB