1b34bfcae80c8a95cc0c877b9937cb1b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1b34bfcae80c8a95cc0c877b9937cb1b_JaffaCakes118
Size

239KB
MD5

1b34bfcae80c8a95cc0c877b9937cb1b
SHA1

93184b1cc09920155ba8f157e46ef07416ac9a17
SHA256

54d5c715e85b318ce03089846314afc0a7db0c7652adc4a862b7b34277040f65
SHA512

7a0921abaafb073c2c699521f5ecda09b64189ab99b4e794588fdbd126dcc29b9845fca210fa9d0697fee6aff832053638f03901dd82af427ff8f25b2084cff9
SSDEEP

3072:9gALSUC1kHl021XzLYU7OKUISUufKulGMoJN/8vCqhH6lGsvp1mvO9q:CAL3CglxXzHUfYMEEtnsvDa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b34bfcae80c8a95cc0c877b9937cb1b_JaffaCakes118

Files

1b34bfcae80c8a95cc0c877b9937cb1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e97c7ecb2c30a25f0002b5b833d5c919

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
GetStdHandle
CopyFileExA
GetDiskFreeSpaceExW
GetLastError
GetConsoleOutputCP
HeapAlloc
WideCharToMultiByte
SetUnhandledExceptionFilter
LCMapStringA
TlsFree
GetExitCodeProcess
WriteConsoleOutputCharacterW
EnumSystemLocalesA
SetHandleCount
SetLastError
DeleteCriticalSection
GetModuleHandleW
GetOEMCP
FillConsoleOutputCharacterW
SetConsoleCtrlHandler
GetACP
GetStartupInfoA
GetCPInfo
CreateNamedPipeW
GetTimeFormatA
TlsAlloc
GetLocaleInfoW
GetProcAddress
GetProfileIntA
GetLocaleInfoA
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
FreeLibrary
OpenMutexA
GetTimeZoneInformation
VirtualQuery
IsValidLocale
TlsSetValue
LeaveCriticalSection
EnterCriticalSection
HeapCreate
Sleep
GetFileType
HeapReAlloc
IsValidCodePage
ExitProcess
GetDateFormatW
FindNextChangeNotification
VirtualAlloc
VirtualFree
QueryPerformanceCounter
GetCurrentProcess
InterlockedDecrement
GetModuleHandleA
GetDateFormatA
HeapDestroy
HeapSize
GetCurrentThreadId
MultiByteToWideChar
TlsGetValue
FreeEnvironmentStringsW
GetEnvironmentStrings
GetCurrentProcessId
GetModuleFileNameA
InterlockedIncrement
FreeEnvironmentStringsA
WriteConsoleInputW
GetTickCount
GetStringTypeW
CompareStringA
GetCurrentThread
SetEnvironmentVariableA
LCMapStringW
RtlUnwind
GetCommandLineA
GetSystemTimeAsFileTime
InterlockedExchange
IsDebuggerPresent
GetWindowsDirectoryW
AddAtomW
GetEnvironmentStringsW
WriteFile
GetStringTypeA
GetUserDefaultLCID
HeapFree
TerminateProcess
LoadLibraryA
GetPrivateProfileIntA

user32

GetKBCodePage
LookupIconIdFromDirectoryEx
CopyIcon
ToAscii
DestroyWindow
UnregisterDeviceNotification
CreateAcceleratorTableA
CreateCaret
GetMenuBarInfo
RegisterClipboardFormatA
IsWindowEnabled
IsDialogMessageW
OpenWindowStationA
GetClipCursor
GetMonitorInfoA
GetMenuStringA
SetSystemCursor
SetRectEmpty
CharToOemBuffA
DdeAbandonTransaction
EditWndProc

advapi32

RegOpenKeyExA
RegQueryMultipleValuesW
CryptSignHashA
InitializeSecurityDescriptor
GetUserNameA
CryptReleaseContext
CryptGenRandom
ReportEventW
RegQueryValueExA
CryptSetProviderA
RegCreateKeyA
AbortSystemShutdownA
LookupSecurityDescriptorPartsW
RegConnectRegistryW
RegConnectRegistryA
CryptSetProviderW
LogonUserA
CryptSetProviderExA
RegRestoreKeyA
RegEnumValueA
RegRestoreKeyW
AbortSystemShutdownW

comdlg32

ChooseFontA
GetSaveFileNameA
GetOpenFileNameW
ReplaceTextW
ChooseColorA
ChooseFontW
FindTextA

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e97c7ecb2c30a25f0002b5b833d5c919

Headers

File Characteristics

Imports

kernel32

user32

advapi32

comdlg32

Sections

.text Size: 118KB - Virtual size: 118KB

.data Size: 112KB - Virtual size: 130KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 118KB - Virtual size: 118KB

.data
Size: 112KB - Virtual size: 130KB

.rsrc
Size: 8KB - Virtual size: 7KB