117cd70735abb2403572654d59867d41_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

117cd70735abb2403572654d59867d41_JaffaCakes118
Size

2.6MB
MD5

117cd70735abb2403572654d59867d41
SHA1

1aeeb012a685c8116d5c90a8bd2cb6419e716390
SHA256

0a18d113d031cf07636e353c8dacdb1efe21de92c6d1e1f1753306223819d988
SHA512

3a717a9eda59054f71a55cd5c94a6fb02e82332d102566cb0c91c9175ad3e4d638742aa57eab38e2cf9335791ef12b47e96363695704926db38a7a05c905bc03
SSDEEP

49152:GNDqBT3YhoAPqikDG6gz3L2UvlMKPn2/MwotOryW9Z8WvOM/tB3q6c:GNDUYSAPqikDAm6PnSogryMquPFBa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
117cd70735abb2403572654d59867d41_JaffaCakes118

Files

117cd70735abb2403572654d59867d41_JaffaCakes118
.exe windows:5 windows x86 arch:x86

36c4ea813d56abb17d79aeb8a27df297

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertAddEncodedCertificateToStore
CertControlStore
CertGetPublicKeyLength
CertFindExtension
CertGetNameStringW
CryptQueryObject
CertGetCertificateChain
CryptBinaryToStringW
CryptMsgClose
CertOpenStore
CertCreateCertificateContext
CertCloseStore
CryptEncodeObjectEx

wininet

InternetSetOptionW

advapi32

RegQueryInfoKeyW

opengl32

glViewport
glTexParameteri
glReadPixels
glPixelStorei
glGetString
glGetFloatv
glGenTextures
glDepthMask
glDeleteTextures
glClearDepth
glBlendFunc

comdlg32

GetFileTitleW
ChooseFontW

kernel32

GetOEMCP
GetACP
RtlUnwind
VirtualAlloc
GetBinaryTypeW
GetEnvironmentStringsW
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
WaitForMultipleObjects
SetHandleCount
GetFileType
WriteFile
SetEndOfFile
GetSystemTimeAsFileTime
FormatMessageW
GetStartupInfoW
GetCommandLineW
ExpandEnvironmentStringsW
GetCPInfo
GetCPInfoExW
WideCharToMultiByte
FreeConsole
WriteConsoleW
GetConsoleWindow
GetVersion
ExitProcess
RaiseException
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineA
GetStdHandle
GetStartupInfoA
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapReAlloc
LoadLibraryA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

psapi

EnumDeviceDrivers

secur32

TranslateNameW

user32

GetParent
GetListBoxInfo
DefWindowProcW
ShowWindow
IsIconic
CheckDlgButton
GetDlgCtrlID
CharLowerW
CharNextW
SetMenu
DestroyMenu
GetSubMenu
GetMenuItemID
MenuItemFromPoint
EndPaint
GetScrollPos
EnableScrollBar
ShowCursor

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 653KB - Virtual size: 32.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.7a2s0
Size: 822KB - Virtual size: 824KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36c4ea813d56abb17d79aeb8a27df297

Headers

File Characteristics

Imports

crypt32

wininet

advapi32

opengl32

comdlg32

kernel32

psapi

secur32

user32

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 653KB - Virtual size: 32.8MB

.7a2s0 Size: 822KB - Virtual size: 824KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 653KB - Virtual size: 32.8MB

.7a2s0
Size: 822KB - Virtual size: 824KB

.rsrc
Size: 23KB - Virtual size: 23KB