023af4fc89e5ec2bf2f16fb25fc8867d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

023af4fc89e5ec2bf2f16fb25fc8867d_JaffaCakes118
Size

495KB
MD5

023af4fc89e5ec2bf2f16fb25fc8867d
SHA1

4dc389d4f391a1a27425800196f5f9532b977ac5
SHA256

1fe3361eb135d79cdaf48dc706abfc771e9c0d52ded1eb0316f15e5cb130401e
SHA512

1987a8cb8864e679a5c71ad3cc3a38e8ed82d89bb39ad27064c8dcac0554b3a77835492a95e3a0cf253ebec6d0f1cd7952125dfccfdac209c2d3b5621e70ed3b
SSDEEP

12288:VC1W8rocoQ8FOUckJFgyR/QyICBQm2Lqd+w:5Rcob4UiyR4yIzzXw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
023af4fc89e5ec2bf2f16fb25fc8867d_JaffaCakes118

Files

023af4fc89e5ec2bf2f16fb25fc8867d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd7b7f6bf1cab78a3158dfe167bcaf31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileSectionNamesA
CompareStringW
FreeLibrary
GetCurrentThread
InterlockedIncrement
GetTimeZoneInformation
IsValidLocale
GetStdHandle
GetSystemTimeAsFileTime
CreateDirectoryExW
EnterCriticalSection
GetTickCount
LeaveCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStringTypeW
GetACP
VirtualAlloc
GetLocaleInfoA
TlsFree
EnumSystemLocalesA
GetOEMCP
HeapAlloc
GetVersionExA
WriteConsoleW
InitializeCriticalSection
HeapFree
LCMapStringW
CreateFileA
SetEnvironmentVariableA
GetProcessHeap
CompareStringA
FreeEnvironmentStringsA
TlsAlloc
UnhandledExceptionFilter
GetCurrentProcessId
GetModuleFileNameA
GetFileType
GetLastError
GetStringTypeA
HeapCreate
VirtualQuery
GetModuleHandleA
SetConsoleCtrlHandler
GetCommandLineA
GetDateFormatA
ExitProcess
TlsSetValue
WriteConsoleA
SetHandleCount
GetLocaleInfoW
TerminateProcess
HeapReAlloc
ReadFile
GetEnvironmentStrings
GetEnvironmentStringsW
GetConsoleOutputCP
MultiByteToWideChar
VirtualFree
DeleteCriticalSection
GetStartupInfoA
GetPrivateProfileSectionA
GetCPInfo
Sleep
GetProcAddress
InterlockedDecrement
InterlockedExchange
TlsGetValue
OpenMutexA
IsValidCodePage
HeapSize
CreateMutexA
IsDebuggerPresent
HeapDestroy
FreeEnvironmentStringsW
GetTimeFormatA
GetConsoleMode
WideCharToMultiByte
LoadLibraryA
FlushFileBuffers
RtlUnwind
SetLastError
SetFilePointer
LCMapStringA
SetStdHandle
GetUserDefaultLCID
CloseHandle
WriteFile
GetCurrentThreadId
GetCurrentProcess
GetConsoleCP

user32

InsertMenuA
DrawFocusRect
SetSystemCursor
CreateDesktopA
ScrollDC
FrameRect
GetProcessDefaultLayout
UnregisterClassW
CreateDesktopW
EnumDisplayDevicesA
IsDialogMessage
ReleaseDC
EnumWindows
OemToCharA
RegisterClassA
RegisterClassExA

comdlg32

ChooseFontA

shell32

ShellAboutW

gdi32

RectInRegion
RectVisible
GetStockObject
ResetDCW
CreateRectRgnIndirect
Rectangle
SetDeviceGammaRamp
GdiPlayJournal
DrawEscape
CreatePatternBrush
FillRgn
PolyPolygon
EnumFontsA
CreateCompatibleBitmap

comctl32

InitCommonControlsEx

advapi32

CryptAcquireContextW
RegReplaceKeyW
CryptDuplicateHash
CryptHashData
RegNotifyChangeKeyValue
CryptGetProvParam
RegQueryValueExA
RegDeleteValueA
RegCreateKeyExW
RegQueryMultipleValuesA
GetUserNameW
CryptGetHashParam
CryptAcquireContextA
RegOpenKeyA
CryptReleaseContext
RegLoadKeyW
RegOpenKeyExW
RegEnumValueW
LogonUserA
CryptSetProviderA
InitiateSystemShutdownW
RegRestoreKeyW
CryptDestroyKey

Sections

.text
Size: 298KB - Virtual size: 298KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd7b7f6bf1cab78a3158dfe167bcaf31

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

shell32

gdi32

comctl32

advapi32

Sections

.text Size: 298KB - Virtual size: 298KB

.rdata Size: 10KB - Virtual size: 31KB

.data Size: 180KB - Virtual size: 180KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 298KB - Virtual size: 298KB

.rdata
Size: 10KB - Virtual size: 31KB

.data
Size: 180KB - Virtual size: 180KB

.rsrc
Size: 5KB - Virtual size: 4KB