7040a296395036a05180f167d92a414a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7040a296395036a05180f167d92a414a_JaffaCakes118
Size

2.0MB
MD5

7040a296395036a05180f167d92a414a
SHA1

110583fe92a49a9d7d1da54ddfe16d2a2e46c237
SHA256

76aaa14bd4bbe13d9e5afd78fbbc1b1f06944bed3ee8541fe8571fef61b5e1df
SHA512

a544ecd7b0c942c84b08f6987cf4fe35e3f23a2f209a36edd0c2618cf7ac1213fd541d01743478e054b567428634d0aa10a8f248f0da7b8c4d42d4a60804bdd9
SSDEEP

24576:XRnKG7CRRPuMIzUfygctnGEgQvZ6W/TfSnsk6KHMM:XRKeCA8c9tZ6QLSsk64MM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7040a296395036a05180f167d92a414a_JaffaCakes118

Files

7040a296395036a05180f167d92a414a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9f13333645d0ec9e4cf7468ee69cf017

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetIconInfo
GetClassNameW
FindWindowExW
FindWindowW
SetWindowLongW
GetWindowLongW
FrameRect
MessageBeep
AdjustWindowRectEx
GetClientRect
EnableScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
CreateMenu
SetMenu
IsWindowEnabled
ReleaseCapture
IsCharUpperW
GetDialogBaseUnits
SendDlgItemMessageW
DialogBoxParamW
CreateDialogIndirectParamW
BeginDeferWindowPos
PostMessageW

advapi32

RegDeleteKeyW
RegEnumValueW
RegSetValueExW
RegDeleteValueW

crypt32

CertFreeCRLContext
CertGetCertificateContextProperty
CertSetCertificateContextProperty
CertFreeCertificateContext
CertAddCertificateContextToStore
CertEnumCertificatesInStore
CertCloseStore
CryptEnumOIDInfo
CryptEncodeObject
CertGetEnhancedKeyUsage
CryptExportPKCS8
CertNameToStrW
CertCreateCertificateContext
CryptBinaryToStringW

kernel32

SetFilePointerEx
SetStdHandle
WriteConsoleW
GetConsoleCP
FlushFileBuffers
CloseHandle
CreateFileW
LoadLibraryExW
RtlUnwind
OutputDebugStringW
GetStringTypeW
HeapAlloc
HeapReAlloc
HeapSize
LCMapStringW
GetConsoleMode
GetModuleHandleExW
VirtualAlloc
ResetWriteWatch
HeapFree
FreeEnvironmentStringsW
InitializeCriticalSection
WaitForMultipleObjects
GetFileSizeEx
SetEndOfFile
TlsGetValue
OpenWaitableTimerW
GetModuleFileNameW
GetModuleHandleW
GetCommandLineW
ExpandEnvironmentStringsW
FindResourceExW
EnumResourceNamesW
CreateDirectoryW
CancelIo
GetCPInfo
CompareStringW
GetConsoleWindow
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
LeaveCriticalSection
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsSetValue
TlsFree
IsProcessorFeaturePresent
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
EnterCriticalSection

shlwapi

StrCmpNW
StrCmpNIW
StrFormatByteSizeW
PathAppendW
PathFileExistsW
PathFindNextComponentW
PathIsDirectoryW
PathIsRootW
PathParseIconLocationW
PathRemoveBlanksW
SHDeleteEmptyKeyW
SHDeleteKeyW
SHGetValueW
AssocCreate
SHAutoComplete

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 333KB - Virtual size: 6.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.7rhtl
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.3i84
Size: 659KB - Virtual size: 659KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1it640
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hrie
Size: 327KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f13333645d0ec9e4cf7468ee69cf017

Headers

File Characteristics

Imports

user32

advapi32

crypt32

kernel32

shlwapi

Sections

.text Size: 105KB - Virtual size: 104KB

.data Size: 333KB - Virtual size: 6.9MB

.idata Size: 4KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.7rhtl Size: 206KB - Virtual size: 205KB

.3i84 Size: 659KB - Virtual size: 659KB

.1it640 Size: 284KB - Virtual size: 284KB

.hrie Size: 327KB - Virtual size: 326KB

.rsrc Size: 102KB - Virtual size: 102KB

.text
Size: 105KB - Virtual size: 104KB

.data
Size: 333KB - Virtual size: 6.9MB

.idata
Size: 4KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.7rhtl
Size: 206KB - Virtual size: 205KB

.3i84
Size: 659KB - Virtual size: 659KB

.1it640
Size: 284KB - Virtual size: 284KB

.hrie
Size: 327KB - Virtual size: 326KB

.rsrc
Size: 102KB - Virtual size: 102KB