018871153a70287442d95fa26e6c9c20_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

018871153a70287442d95fa26e6c9c20_JaffaCakes118
Size

347KB
MD5

018871153a70287442d95fa26e6c9c20
SHA1

5c46d7e710282ef5437936462cc79ffcf4aacabe
SHA256

afc9324d1cdef09415413406922ffb44228cfdb1c547f7ef5acfccf21191b048
SHA512

fa5bada132bc2470cdd9d820509a2ba8d89fe6598db6cade2d908da26c4378785cbb6e5c203dfcfbe5e2106ec9bbbe2258c607b0d544cef6c33aba76a1abcfcf
SSDEEP

6144:lD1CAMSGihGZjzJ5+E5RYbjeBn1BhmyoYHI2GE9x8:lpdGihijznYbm1BhmyoYHI2Ga+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
018871153a70287442d95fa26e6c9c20_JaffaCakes118

Files

018871153a70287442d95fa26e6c9c20_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e04bdb7b8e4536a1a330fa7f2174aaa7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorA
GetFileTitleW

wininet

InternetCrackUrlA
InternetCreateUrlW
InternetTimeFromSystemTime

user32

EnumPropsA
SetMenuItemInfoA
VkKeyScanW
GetClipboardViewer
DlgDirListComboBoxA
MessageBoxA
DrawMenuBar
EnumWindowStationsW
FlashWindow
DdeAccessData
SendInput
PostQuitMessage
GetClassLongA
SetThreadDesktop
EnumDisplayDevicesA
SetRect
UnregisterClassA
DefMDIChildProcW
DdeConnectList

advapi32

RegCreateKeyW
CryptSetProviderW
CryptExportKey
CryptSetHashParam
RegSaveKeyA
AbortSystemShutdownA
CryptSetProviderExA
RegFlushKey

kernel32

GetDateFormatA
HeapAlloc
IsValidCodePage
GetOEMCP
Sleep
GetCommandLineA
SetHandleCount
SetConsoleCtrlHandler
GetLocaleInfoW
TerminateProcess
GetUserDefaultLCID
GetCurrentThreadId
HeapReAlloc
VirtualQuery
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
TlsGetValue
EnterCriticalSection
GetLocaleInfoA
GetTickCount
LeaveCriticalSection
GetCPInfo
InterlockedExchange
FreeEnvironmentStringsA
GetCurrentThread
GetConsoleMode
RtlUnwind
SetUnhandledExceptionFilter
HeapFree
FoldStringW
UnhandledExceptionFilter
ExitProcess
CompareStringW
GetStringTypeW
TlsSetValue
GetEnvironmentStringsW
SetEnvironmentVariableA
WriteFile
GetModuleHandleW
InterlockedIncrement
LCMapStringW
DeleteCriticalSection
GetUserDefaultLangID
CreateEventW
TerminateThread
FindFirstFileW
GetStringTypeA
GetStartupInfoA
IsValidLocale
IsDebuggerPresent
HeapCreate
TlsAlloc
GlobalFindAtomW
FreeEnvironmentStringsW
GetProcAddress
GetCurrencyFormatA
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetFileType
LCMapStringA
CompareStringA
GetACP
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
VirtualAlloc
GetModuleFileNameA
GetTimeFormatA
GetEnvironmentStrings
GetCurrentProcessId
GetModuleHandleA
HeapDestroy
LoadLibraryA
VirtualFree
GetLastError
TlsFree
GetStdHandle
SetLastError
EnumSystemLocalesA
InterlockedDecrement
QueryPerformanceCounter
HeapSize

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e04bdb7b8e4536a1a330fa7f2174aaa7

Headers

File Characteristics

Imports

comdlg32

wininet

user32

advapi32

kernel32

Sections

.text Size: 153KB - Virtual size: 152KB

.rdata Size: 9KB - Virtual size: 25KB

.data Size: 175KB - Virtual size: 174KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 153KB - Virtual size: 152KB

.rdata
Size: 9KB - Virtual size: 25KB

.data
Size: 175KB - Virtual size: 174KB

.rsrc
Size: 9KB - Virtual size: 8KB