11c1a5f690d16fc5a4be26194bc0c2d0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

11c1a5f690d16fc5a4be26194bc0c2d0_JaffaCakes118
Size

808KB
MD5

11c1a5f690d16fc5a4be26194bc0c2d0
SHA1

f730ea8ed5b254f61b8e0dc5012ee7896df3699d
SHA256

166006b4216fb121ada89b4a51dfee7231c5e32a5736dbed9faa1f58ba2ad987
SHA512

a2c5939bb8bbdfbcad9f9c73a6ca05d359ca56ed797bd9e025af399898a6e81d928b503ae020e17793b8c6486bcc8427b7840a314a516a1374b0e2d7af5d8cf9
SSDEEP

12288:Ls0/HIATqAjCKsnrMuKxtvUE0lR31/vkXhFXe6TatE2WH3pr5S:L2ICKGgtD0lADNmxiR5S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11c1a5f690d16fc5a4be26194bc0c2d0_JaffaCakes118

Files

11c1a5f690d16fc5a4be26194bc0c2d0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f31b3cda053138a32e4dfb7d7198da0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreatePropertySheetPageW
DestroyPropertySheetPage
ImageList_Add
ImageList_GetBkColor
ImageList_SetOverlayImage
ImageList_Replace
ImageList_AddMasked
ImageList_DrawIndirect
ImageList_GetIcon
ImageList_Copy
ImageList_DragLeave
ImageList_GetDragImage
ImageList_Write
CreateToolbarEx
FlatSB_SetScrollPos
FlatSB_SetScrollInfo

ole32

CLSIDFromProgID
CoTaskMemRealloc
CoTaskMemFree
CreateStreamOnHGlobal
CLSIDFromString

kernel32

GetProcAddress
VirtualAlloc
GetEnvironmentStringsW
GetCurrentThreadId
GetLastError
SetFilePointer
CreateMutexW
GetModuleHandleW
OutputDebugStringW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
SetHandleCount
GetStdHandle
GetFileType
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

uxtheme

IsThemeActive
GetWindowTheme
EnableThemeDialogTexture
SetWindowTheme

wininet

HttpSendRequestW
HttpQueryInfoW
HttpAddRequestHeadersW
InternetOpenW

userenv

LeaveCriticalPolicySection
ExpandEnvironmentStringsForUserW
GetUserProfileDirectoryW
LoadUserProfileW
RegisterGPNotification

shlwapi

AssocQueryStringW
SHDeleteKeyW
PathCreateFromUrlW
UrlUnescapeW
PathStripToRootW
PathStripPathW
PathSkipRootW
PathRemoveBackslashW
PathParseIconLocationW
PathIsUNCServerW
PathIsRootW
PathCombineW
PathAppendW
StrCmpW
StrStrW
StrDupW
StrCmpNIW
StrCmpNW
StrChrW
StrRChrW

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oin4
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.teh63
Size: 417KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t6h6
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f31b3cda053138a32e4dfb7d7198da0a

Headers

File Characteristics

Imports

comctl32

ole32

kernel32

uxtheme

wininet

userenv

shlwapi

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 11KB - Virtual size: 6.4MB

.oin4 Size: 180KB - Virtual size: 180KB

.teh63 Size: 417KB - Virtual size: 416KB

.t6h6 Size: 136KB - Virtual size: 135KB

.rsrc Size: 18KB - Virtual size: 21KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 11KB - Virtual size: 6.4MB

.oin4
Size: 180KB - Virtual size: 180KB

.teh63
Size: 417KB - Virtual size: 416KB

.t6h6
Size: 136KB - Virtual size: 135KB

.rsrc
Size: 18KB - Virtual size: 21KB