01761e3c3bdc0301cda2c48761e0aa51_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

01761e3c3bdc0301cda2c48761e0aa51_JaffaCakes118
Size

474KB
MD5

01761e3c3bdc0301cda2c48761e0aa51
SHA1

c0478e9b8911c9b4eb9c10f714b05b77cbe5b167
SHA256

89aa089c68a8f66fe30ea1d1a2de684f39f79cd9ef42ab31eada285da03ccc84
SHA512

029cc5fa1be5cfe9d9b583da6a2ea0b2d68fed8ce63b496dada6b4be0052b2ba7322ed83c7e583e65af5fe91964888a2a1239effd3f64802cd4b1e4bb40fe9f1
SSDEEP

12288:GAkMMkCcS8QhBrc3crt4lAOWxy+mbuehet:jMkCcS8Whcsrulzuy+mbuegt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01761e3c3bdc0301cda2c48761e0aa51_JaffaCakes118

Files

01761e3c3bdc0301cda2c48761e0aa51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

139ca064ec3b0bd23ed94bf136086176

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
InitializeCriticalSection
GetFileType
lstrcpy
GetTickCount
GetUserDefaultLCID
LCMapStringA
GetStringTypeW
IsValidLocale
GetModuleFileNameA
SetFilePointer
TlsAlloc
GetStdHandle
SetEnvironmentVariableA
EnterCriticalSection
GetCurrencyFormatW
GetCurrentThreadId
WritePrivateProfileSectionW
FreeEnvironmentStringsA
OpenMutexA
FlushFileBuffers
VirtualFree
GetSystemTimeAsFileTime
GetStringTypeA
GetCPInfo
GetLastError
VirtualProtect
GetCurrentProcessId
TlsFree
HeapSize
GetTimeFormatA
FreeEnvironmentStringsW
LeaveCriticalSection
GetModuleHandleA
GetEnvironmentStringsW
GetStartupInfoA
GetSystemInfo
SetLastError
GetVersionExA
GetProcAddress
ExitProcess
GetProcAddress
TlsSetValue
HeapCreate
GetCurrentThread
UnhandledExceptionFilter
SetStdHandle
GetUserDefaultLangID
GetLocaleInfoW
DeleteCriticalSection
GetSystemDefaultLCID
CompareStringW
IsValidCodePage
GetDateFormatA
SetHandleCount
HeapFree
InterlockedExchange
CreateMutexA
GetFileAttributesExW
SetConsoleTextAttribute
GetTimeZoneInformation
GetEnvironmentStrings
TlsGetValue
HeapReAlloc
HeapDestroy
GetCommandLineA
DeleteFileW
WriteFile
IsBadWritePtr
RtlUnwind
FileTimeToDosDateTime
ReadFile
CompareStringA
LoadLibraryA
FormatMessageA
GetLocaleInfoA
WideCharToMultiByte
LCMapStringW
FindFirstFileExW
QueryPerformanceCounter
HeapAlloc
MultiByteToWideChar
GetACP
TerminateProcess
OpenEventW
GetOEMCP
GetPrivateProfileSectionNamesW
CloseHandle
VirtualQuery
ReadConsoleOutputCharacterW
ReadFileEx
VirtualAlloc
EnumSystemLocalesA

user32

AppendMenuW
EnumThreadWindows
GetForegroundWindow
IsWindowEnabled
DefFrameProcA
GetUpdateRect
GetKeyNameTextA
GetSystemMenu
ToUnicodeEx
SetDoubleClickTime
OemKeyScan
DefMDIChildProcA
TrackPopupMenuEx
DrawFocusRect
DefDlgProcA
DdeGetData
EnableWindow
SetCursorPos
RegisterClassA
CreateIconFromResource
CreateWindowExA
UnionRect
SwitchDesktop
CreateMenu
GetAncestor
RegisterClassExA
MessageBeep

advapi32

RegQueryValueExA
CryptSignHashW
RegDeleteValueW
RegQueryInfoKeyW
RegConnectRegistryW
RegEnumValueA
LookupAccountNameA
GetUserNameA
CryptEnumProvidersA
LookupPrivilegeDisplayNameA
CryptGenRandom
CryptSetKeyParam
RegEnumKeyExA
CryptHashSessionKey
RegSetValueExW
RegFlushKey
StartServiceW
CryptGenKey
RegDeleteKeyA
RegSetValueW
RegCreateKeyW
CryptSignHashA
RegQueryValueExW
CryptDestroyHash

comctl32

InitCommonControlsEx

Sections

.text
Size: 331KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

139ca064ec3b0bd23ed94bf136086176

Headers

File Characteristics

Imports

kernel32

user32

advapi32

comctl32

Sections

.text Size: 331KB - Virtual size: 330KB

.rdata Size: 29KB - Virtual size: 32KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 331KB - Virtual size: 330KB

.rdata
Size: 29KB - Virtual size: 32KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 9KB - Virtual size: 9KB