02dab04d1a3e651c304c81f4a6672dad_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

02dab04d1a3e651c304c81f4a6672dad_JaffaCakes118
Size

613KB
MD5

02dab04d1a3e651c304c81f4a6672dad
SHA1

bcb6722b9ac66d4f6742571f02a7695d7ad9f946
SHA256

3b39b714cfa44250f2429884d3be28c98ca1cc1dd81c0a5ce74947568090c576
SHA512

f847e8da3bac4acf7b34fd26f19edb7a907f5de1385a6134fab9212b4e334738a3c252aba95628b64d783a80e12b7da9f35104a157ee696058fae6aae17bf0ab
SSDEEP

12288:X5QMyTzf68ZStwDVoytfsprHxh3pGImJEAT4OKqRwEZJdN:XPyTz68ZLosfsprHx9pYJEMiqR7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02dab04d1a3e651c304c81f4a6672dad_JaffaCakes118

Files

02dab04d1a3e651c304c81f4a6672dad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c95fd7401b555dcf77cc9613cfa9ba4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DuplicateTokenEx
CryptGetDefaultProviderA
CryptSetHashParam
CryptVerifySignatureW
CryptVerifySignatureA
CryptAcquireContextA
CryptDeriveKey
LookupAccountNameA
RegDeleteValueW
RegEnumKeyW
RegOpenKeyA
RegSaveKeyW
LookupPrivilegeDisplayNameA
ReportEventW

user32

FillRect
GetSystemMetrics
GetScrollBarInfo
RegisterClassA
GetTabbedTextExtentA
ShowOwnedPopups
SetMenuItemInfoW
GetCursorPos
GetMenuState
SetDebugErrorLevel
RegisterClassExA
CreateDialogParamA
GetKeyboardLayout
CharLowerBuffA
PostThreadMessageA
LoadMenuIndirectA

comctl32

InitCommonControlsEx

kernel32

GetConsoleCP
Sleep
FreeLibrary
SetUnhandledExceptionFilter
SetHandleCount
CreateMutexA
TerminateProcess
IsValidCodePage
EnterCriticalSection
GetStdHandle
GetUserDefaultLCID
ReadConsoleInputW
OpenWaitableTimerW
CompareStringW
GetStringTypeA
IsValidLocale
GetModuleFileNameW
QueryPerformanceCounter
HeapAlloc
SetFilePointer
GetLastError
GetCurrencyFormatA
SetLastError
SetStdHandle
VirtualAlloc
GetStartupInfoA
WriteConsoleW
GetSystemTimeAsFileTime
EnumResourceNamesA
GetCurrentProcessId
GetOEMCP
GlobalGetAtomNameA
ReadFile
lstrcpyW
HeapFree
GetLocaleInfoW
RtlUnwind
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetCommandLineA
SetConsoleCtrlHandler
GetEnvironmentStringsW
DeleteCriticalSection
GetTimeFormatA
GetConsoleMode
IsDebuggerPresent
FileTimeToSystemTime
OpenFileMappingA
lstrcmpiW
CopyFileA
GetFileAttributesExA
TlsGetValue
InterlockedIncrement
CreateDirectoryW
FlushFileBuffers
GetCompressedFileSizeW
GetModuleHandleW
VirtualQuery
GetConsoleOutputCP
InterlockedDecrement
GetTimeZoneInformation
EnumSystemLocalesA
GetStringTypeW
ExitProcess
CloseHandle
GetCurrentProcess
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetCommandLineW
CreateFileA
LoadLibraryA
LCMapStringA
TlsFree
GetTickCount
ExitThread
GetDateFormatA
GetProcAddress
CompareStringA
MultiByteToWideChar
HeapSize
LeaveCriticalSection
GetCurrentThreadId
HeapCreate
VirtualFree
WritePrivateProfileStructW
GetModuleHandleA
GetStartupInfoW
GetCurrentThread
OpenMutexW
GetCPInfo
HeapReAlloc
WideCharToMultiByte
GetFileType
LCMapStringW
WriteProfileSectionA
OpenMutexA
UnhandledExceptionFilter
InterlockedExchange
TlsSetValue
GetLocaleInfoA
GetVolumeInformationA
DeleteFileW
WriteFile
HeapDestroy
OpenWaitableTimerA
GetModuleFileNameA
WriteConsoleA
GetACP

comdlg32

GetOpenFileNameW
GetFileTitleW
PrintDlgW

Sections

.text
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 322KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c95fd7401b555dcf77cc9613cfa9ba4

Headers

File Characteristics

Imports

advapi32

user32

comctl32

kernel32

comdlg32

Sections

.text Size: 268KB - Virtual size: 268KB

.rdata Size: 10KB - Virtual size: 40KB

.data Size: 322KB - Virtual size: 321KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 268KB - Virtual size: 268KB

.rdata
Size: 10KB - Virtual size: 40KB

.data
Size: 322KB - Virtual size: 321KB

.rsrc
Size: 11KB - Virtual size: 11KB